suse-su-2024:2011-1
Vulnerability from csaf_suse
Published
2024-06-12 16:39
Modified
2024-06-12 16:39
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).
- CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
- CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).
- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
- CVE-2024-26929: Fixed double free of fcport (bsc#1223715).
- CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223626).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).
- CVE-2024-27413: Fixed incorrect allocation size (bsc#1224438).
- CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1224736).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).
- CVE-2024-35904: Fixed dereference of garbage after mount failure (bsc#1224494).
- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1224488).
- CVE-2024-36926: Fixed LPAR panics during boot up with a frozen PE (bsc#1222011).
The following non-security bugs were fixed:
- af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384).
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- filemap: remove use of wait bookmarks (bsc#1224085).
- idpf: extend tx watchdog timeout (bsc#1224137).
- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).
- powerpc/kasan: Do not instrument non-maskable or raw interrupts (bsc#1223191).
- powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729).
- powerpc/powernv: Add a null pointer check to scom_debug_init_one() (bsc#1194869).
- powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (bsc#1220492 ltc#205270).
- powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).
- powerpc: Refactor verification of MSR_RI (bsc#1223191).
- supported.conf: support tcp_dctcp module (jsc#PED-8111)
Patchnames
SUSE-2024-2011,SUSE-SLE-Micro-5.3-2024-2011,SUSE-SLE-Micro-5.4-2024-2011,openSUSE-Leap-Micro-5.3-2024-2011,openSUSE-Leap-Micro-5.4-2024-2011
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).\n- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).\n- CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).\n- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057).\n- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).\n- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).\n- CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).\n- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).\n- CVE-2024-26929: Fixed double free of fcport (bsc#1223715).\n- CVE-2024-26930: Fixed double free of the ha-\u003evp_map pointer (bsc#1223626).\n- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).\n- CVE-2024-27413: Fixed incorrect allocation size (bsc#1224438).\n- CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1224736).\n- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).\n- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).\n- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).\n- CVE-2024-35904: Fixed dereference of garbage after mount failure (bsc#1224494).\n- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1224488).\n- CVE-2024-36926: Fixed LPAR panics during boot up with a frozen PE (bsc#1222011).\n\nThe following non-security bugs were fixed:\n\n- af_unix: annote lockless accesses to unix_tot_inflight \u0026 gc_in_progress (bsc#1223384).\n- af_unix: Do not use atomic ops for unix_sk(sk)-\u003einflight (bsc#1223384).\n- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).\n- filemap: remove use of wait bookmarks (bsc#1224085).\n- idpf: extend tx watchdog timeout (bsc#1224137).\n- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)\n- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).\n- powerpc/kasan: Do not instrument non-maskable or raw interrupts (bsc#1223191).\n- powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729).\n- powerpc/powernv: Add a null pointer check to scom_debug_init_one() (bsc#1194869).\n- powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (bsc#1220492 ltc#205270).\n- powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).\n- powerpc: Refactor verification of MSR_RI (bsc#1223191).\n- supported.conf: support tcp_dctcp module (jsc#PED-8111)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-2011,SUSE-SLE-Micro-5.3-2024-2011,SUSE-SLE-Micro-5.4-2024-2011,openSUSE-Leap-Micro-5.3-2024-2011,openSUSE-Leap-Micro-5.4-2024-2011",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2011-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:2011-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242011-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:2011-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-June/035575.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1174585",
"url": "https://bugzilla.suse.com/1174585"
},
{
"category": "self",
"summary": "SUSE Bug 1190569",
"url": "https://bugzilla.suse.com/1190569"
},
{
"category": "self",
"summary": "SUSE Bug 1191949",
"url": "https://bugzilla.suse.com/1191949"
},
{
"category": "self",
"summary": "SUSE Bug 1192107",
"url": "https://bugzilla.suse.com/1192107"
},
{
"category": "self",
"summary": "SUSE Bug 1193983",
"url": "https://bugzilla.suse.com/1193983"
},
{
"category": "self",
"summary": "SUSE Bug 1194288",
"url": "https://bugzilla.suse.com/1194288"
},
{
"category": "self",
"summary": "SUSE Bug 1194869",
"url": "https://bugzilla.suse.com/1194869"
},
{
"category": "self",
"summary": "SUSE Bug 1196869",
"url": "https://bugzilla.suse.com/1196869"
},
{
"category": "self",
"summary": "SUSE Bug 1196956",
"url": "https://bugzilla.suse.com/1196956"
},
{
"category": "self",
"summary": "SUSE Bug 1197915",
"url": "https://bugzilla.suse.com/1197915"
},
{
"category": "self",
"summary": "SUSE Bug 1200313",
"url": "https://bugzilla.suse.com/1200313"
},
{
"category": "self",
"summary": "SUSE Bug 1201308",
"url": "https://bugzilla.suse.com/1201308"
},
{
"category": "self",
"summary": "SUSE Bug 1201489",
"url": "https://bugzilla.suse.com/1201489"
},
{
"category": "self",
"summary": "SUSE Bug 1208149",
"url": "https://bugzilla.suse.com/1208149"
},
{
"category": "self",
"summary": "SUSE Bug 1209657",
"url": "https://bugzilla.suse.com/1209657"
},
{
"category": "self",
"summary": "SUSE Bug 1209799",
"url": "https://bugzilla.suse.com/1209799"
},
{
"category": "self",
"summary": "SUSE Bug 1209834",
"url": "https://bugzilla.suse.com/1209834"
},
{
"category": "self",
"summary": "SUSE Bug 1211592",
"url": "https://bugzilla.suse.com/1211592"
},
{
"category": "self",
"summary": "SUSE Bug 1213863",
"url": "https://bugzilla.suse.com/1213863"
},
{
"category": "self",
"summary": "SUSE Bug 1216702",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "self",
"summary": "SUSE Bug 1217169",
"url": "https://bugzilla.suse.com/1217169"
},
{
"category": "self",
"summary": "SUSE Bug 1217515",
"url": "https://bugzilla.suse.com/1217515"
},
{
"category": "self",
"summary": "SUSE Bug 1218447",
"url": "https://bugzilla.suse.com/1218447"
},
{
"category": "self",
"summary": "SUSE Bug 1218917",
"url": "https://bugzilla.suse.com/1218917"
},
{
"category": "self",
"summary": "SUSE Bug 1220492",
"url": "https://bugzilla.suse.com/1220492"
},
{
"category": "self",
"summary": "SUSE Bug 1220783",
"url": "https://bugzilla.suse.com/1220783"
},
{
"category": "self",
"summary": "SUSE Bug 1221044",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "self",
"summary": "SUSE Bug 1221645",
"url": "https://bugzilla.suse.com/1221645"
},
{
"category": "self",
"summary": "SUSE Bug 1221958",
"url": "https://bugzilla.suse.com/1221958"
},
{
"category": "self",
"summary": "SUSE Bug 1222011",
"url": "https://bugzilla.suse.com/1222011"
},
{
"category": "self",
"summary": "SUSE Bug 1222619",
"url": "https://bugzilla.suse.com/1222619"
},
{
"category": "self",
"summary": "SUSE Bug 1222721",
"url": "https://bugzilla.suse.com/1222721"
},
{
"category": "self",
"summary": "SUSE Bug 1222976",
"url": "https://bugzilla.suse.com/1222976"
},
{
"category": "self",
"summary": "SUSE Bug 1223057",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "self",
"summary": "SUSE Bug 1223084",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "self",
"summary": "SUSE Bug 1223111",
"url": "https://bugzilla.suse.com/1223111"
},
{
"category": "self",
"summary": "SUSE Bug 1223138",
"url": "https://bugzilla.suse.com/1223138"
},
{
"category": "self",
"summary": "SUSE Bug 1223191",
"url": "https://bugzilla.suse.com/1223191"
},
{
"category": "self",
"summary": "SUSE Bug 1223384",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "self",
"summary": "SUSE Bug 1223390",
"url": "https://bugzilla.suse.com/1223390"
},
{
"category": "self",
"summary": "SUSE Bug 1223481",
"url": "https://bugzilla.suse.com/1223481"
},
{
"category": "self",
"summary": "SUSE Bug 1223501",
"url": "https://bugzilla.suse.com/1223501"
},
{
"category": "self",
"summary": "SUSE Bug 1223512",
"url": "https://bugzilla.suse.com/1223512"
},
{
"category": "self",
"summary": "SUSE Bug 1223520",
"url": "https://bugzilla.suse.com/1223520"
},
{
"category": "self",
"summary": "SUSE Bug 1223532",
"url": "https://bugzilla.suse.com/1223532"
},
{
"category": "self",
"summary": "SUSE Bug 1223626",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "self",
"summary": "SUSE Bug 1223715",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "self",
"summary": "SUSE Bug 1223894",
"url": "https://bugzilla.suse.com/1223894"
},
{
"category": "self",
"summary": "SUSE Bug 1223921",
"url": "https://bugzilla.suse.com/1223921"
},
{
"category": "self",
"summary": "SUSE Bug 1223922",
"url": "https://bugzilla.suse.com/1223922"
},
{
"category": "self",
"summary": "SUSE Bug 1223923",
"url": "https://bugzilla.suse.com/1223923"
},
{
"category": "self",
"summary": "SUSE Bug 1223924",
"url": "https://bugzilla.suse.com/1223924"
},
{
"category": "self",
"summary": "SUSE Bug 1223929",
"url": "https://bugzilla.suse.com/1223929"
},
{
"category": "self",
"summary": "SUSE Bug 1223931",
"url": "https://bugzilla.suse.com/1223931"
},
{
"category": "self",
"summary": "SUSE Bug 1223932",
"url": "https://bugzilla.suse.com/1223932"
},
{
"category": "self",
"summary": "SUSE Bug 1223934",
"url": "https://bugzilla.suse.com/1223934"
},
{
"category": "self",
"summary": "SUSE Bug 1223941",
"url": "https://bugzilla.suse.com/1223941"
},
{
"category": "self",
"summary": "SUSE Bug 1223948",
"url": "https://bugzilla.suse.com/1223948"
},
{
"category": "self",
"summary": "SUSE Bug 1223952",
"url": "https://bugzilla.suse.com/1223952"
},
{
"category": "self",
"summary": "SUSE Bug 1223953",
"url": "https://bugzilla.suse.com/1223953"
},
{
"category": "self",
"summary": "SUSE Bug 1223957",
"url": "https://bugzilla.suse.com/1223957"
},
{
"category": "self",
"summary": "SUSE Bug 1223962",
"url": "https://bugzilla.suse.com/1223962"
},
{
"category": "self",
"summary": "SUSE Bug 1223963",
"url": "https://bugzilla.suse.com/1223963"
},
{
"category": "self",
"summary": "SUSE Bug 1223964",
"url": "https://bugzilla.suse.com/1223964"
},
{
"category": "self",
"summary": "SUSE Bug 1223996",
"url": "https://bugzilla.suse.com/1223996"
},
{
"category": "self",
"summary": "SUSE Bug 1224085",
"url": "https://bugzilla.suse.com/1224085"
},
{
"category": "self",
"summary": "SUSE Bug 1224099",
"url": "https://bugzilla.suse.com/1224099"
},
{
"category": "self",
"summary": "SUSE Bug 1224137",
"url": "https://bugzilla.suse.com/1224137"
},
{
"category": "self",
"summary": "SUSE Bug 1224174",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "self",
"summary": "SUSE Bug 1224438",
"url": "https://bugzilla.suse.com/1224438"
},
{
"category": "self",
"summary": "SUSE Bug 1224482",
"url": "https://bugzilla.suse.com/1224482"
},
{
"category": "self",
"summary": "SUSE Bug 1224488",
"url": "https://bugzilla.suse.com/1224488"
},
{
"category": "self",
"summary": "SUSE Bug 1224494",
"url": "https://bugzilla.suse.com/1224494"
},
{
"category": "self",
"summary": "SUSE Bug 1224511",
"url": "https://bugzilla.suse.com/1224511"
},
{
"category": "self",
"summary": "SUSE Bug 1224592",
"url": "https://bugzilla.suse.com/1224592"
},
{
"category": "self",
"summary": "SUSE Bug 1224611",
"url": "https://bugzilla.suse.com/1224611"
},
{
"category": "self",
"summary": "SUSE Bug 1224664",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "self",
"summary": "SUSE Bug 1224678",
"url": "https://bugzilla.suse.com/1224678"
},
{
"category": "self",
"summary": "SUSE Bug 1224682",
"url": "https://bugzilla.suse.com/1224682"
},
{
"category": "self",
"summary": "SUSE Bug 1224685",
"url": "https://bugzilla.suse.com/1224685"
},
{
"category": "self",
"summary": "SUSE Bug 1224730",
"url": "https://bugzilla.suse.com/1224730"
},
{
"category": "self",
"summary": "SUSE Bug 1224736",
"url": "https://bugzilla.suse.com/1224736"
},
{
"category": "self",
"summary": "SUSE Bug 1224763",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "self",
"summary": "SUSE Bug 1224816",
"url": "https://bugzilla.suse.com/1224816"
},
{
"category": "self",
"summary": "SUSE Bug 1224895",
"url": "https://bugzilla.suse.com/1224895"
},
{
"category": "self",
"summary": "SUSE Bug 1224898",
"url": "https://bugzilla.suse.com/1224898"
},
{
"category": "self",
"summary": "SUSE Bug 1224900",
"url": "https://bugzilla.suse.com/1224900"
},
{
"category": "self",
"summary": "SUSE Bug 1224901",
"url": "https://bugzilla.suse.com/1224901"
},
{
"category": "self",
"summary": "SUSE Bug 1224902",
"url": "https://bugzilla.suse.com/1224902"
},
{
"category": "self",
"summary": "SUSE Bug 1224903",
"url": "https://bugzilla.suse.com/1224903"
},
{
"category": "self",
"summary": "SUSE Bug 1224904",
"url": "https://bugzilla.suse.com/1224904"
},
{
"category": "self",
"summary": "SUSE Bug 1224905",
"url": "https://bugzilla.suse.com/1224905"
},
{
"category": "self",
"summary": "SUSE Bug 1224907",
"url": "https://bugzilla.suse.com/1224907"
},
{
"category": "self",
"summary": "SUSE Bug 1224910",
"url": "https://bugzilla.suse.com/1224910"
},
{
"category": "self",
"summary": "SUSE Bug 1224911",
"url": "https://bugzilla.suse.com/1224911"
},
{
"category": "self",
"summary": "SUSE Bug 1224912",
"url": "https://bugzilla.suse.com/1224912"
},
{
"category": "self",
"summary": "SUSE Bug 1224913",
"url": "https://bugzilla.suse.com/1224913"
},
{
"category": "self",
"summary": "SUSE Bug 1224914",
"url": "https://bugzilla.suse.com/1224914"
},
{
"category": "self",
"summary": "SUSE Bug 1224915",
"url": "https://bugzilla.suse.com/1224915"
},
{
"category": "self",
"summary": "SUSE Bug 1224920",
"url": "https://bugzilla.suse.com/1224920"
},
{
"category": "self",
"summary": "SUSE Bug 1224928",
"url": "https://bugzilla.suse.com/1224928"
},
{
"category": "self",
"summary": "SUSE Bug 1224931",
"url": "https://bugzilla.suse.com/1224931"
},
{
"category": "self",
"summary": "SUSE Bug 1224932",
"url": "https://bugzilla.suse.com/1224932"
},
{
"category": "self",
"summary": "SUSE Bug 1224937",
"url": "https://bugzilla.suse.com/1224937"
},
{
"category": "self",
"summary": "SUSE Bug 1224942",
"url": "https://bugzilla.suse.com/1224942"
},
{
"category": "self",
"summary": "SUSE Bug 1224944",
"url": "https://bugzilla.suse.com/1224944"
},
{
"category": "self",
"summary": "SUSE Bug 1224945",
"url": "https://bugzilla.suse.com/1224945"
},
{
"category": "self",
"summary": "SUSE Bug 1224947",
"url": "https://bugzilla.suse.com/1224947"
},
{
"category": "self",
"summary": "SUSE Bug 1224956",
"url": "https://bugzilla.suse.com/1224956"
},
{
"category": "self",
"summary": "SUSE Bug 1224988",
"url": "https://bugzilla.suse.com/1224988"
},
{
"category": "self",
"summary": "SUSE Bug 1225000",
"url": "https://bugzilla.suse.com/1225000"
},
{
"category": "self",
"summary": "SUSE Bug 1225003",
"url": "https://bugzilla.suse.com/1225003"
},
{
"category": "self",
"summary": "SUSE Bug 1225005",
"url": "https://bugzilla.suse.com/1225005"
},
{
"category": "self",
"summary": "SUSE Bug 1225009",
"url": "https://bugzilla.suse.com/1225009"
},
{
"category": "self",
"summary": "SUSE Bug 1225022",
"url": "https://bugzilla.suse.com/1225022"
},
{
"category": "self",
"summary": "SUSE Bug 1225031",
"url": "https://bugzilla.suse.com/1225031"
},
{
"category": "self",
"summary": "SUSE Bug 1225032",
"url": "https://bugzilla.suse.com/1225032"
},
{
"category": "self",
"summary": "SUSE Bug 1225036",
"url": "https://bugzilla.suse.com/1225036"
},
{
"category": "self",
"summary": "SUSE Bug 1225044",
"url": "https://bugzilla.suse.com/1225044"
},
{
"category": "self",
"summary": "SUSE Bug 1225076",
"url": "https://bugzilla.suse.com/1225076"
},
{
"category": "self",
"summary": "SUSE Bug 1225077",
"url": "https://bugzilla.suse.com/1225077"
},
{
"category": "self",
"summary": "SUSE Bug 1225082",
"url": "https://bugzilla.suse.com/1225082"
},
{
"category": "self",
"summary": "SUSE Bug 1225086",
"url": "https://bugzilla.suse.com/1225086"
},
{
"category": "self",
"summary": "SUSE Bug 1225092",
"url": "https://bugzilla.suse.com/1225092"
},
{
"category": "self",
"summary": "SUSE Bug 1225095",
"url": "https://bugzilla.suse.com/1225095"
},
{
"category": "self",
"summary": "SUSE Bug 1225096",
"url": "https://bugzilla.suse.com/1225096"
},
{
"category": "self",
"summary": "SUSE Bug 1225106",
"url": "https://bugzilla.suse.com/1225106"
},
{
"category": "self",
"summary": "SUSE Bug 1225108",
"url": "https://bugzilla.suse.com/1225108"
},
{
"category": "self",
"summary": "SUSE Bug 1225109",
"url": "https://bugzilla.suse.com/1225109"
},
{
"category": "self",
"summary": "SUSE Bug 1225118",
"url": "https://bugzilla.suse.com/1225118"
},
{
"category": "self",
"summary": "SUSE Bug 1225121",
"url": "https://bugzilla.suse.com/1225121"
},
{
"category": "self",
"summary": "SUSE Bug 1225122",
"url": "https://bugzilla.suse.com/1225122"
},
{
"category": "self",
"summary": "SUSE Bug 1225123",
"url": "https://bugzilla.suse.com/1225123"
},
{
"category": "self",
"summary": "SUSE Bug 1225125",
"url": "https://bugzilla.suse.com/1225125"
},
{
"category": "self",
"summary": "SUSE Bug 1225126",
"url": "https://bugzilla.suse.com/1225126"
},
{
"category": "self",
"summary": "SUSE Bug 1225127",
"url": "https://bugzilla.suse.com/1225127"
},
{
"category": "self",
"summary": "SUSE Bug 1225129",
"url": "https://bugzilla.suse.com/1225129"
},
{
"category": "self",
"summary": "SUSE Bug 1225131",
"url": "https://bugzilla.suse.com/1225131"
},
{
"category": "self",
"summary": "SUSE Bug 1225132",
"url": "https://bugzilla.suse.com/1225132"
},
{
"category": "self",
"summary": "SUSE Bug 1225145",
"url": "https://bugzilla.suse.com/1225145"
},
{
"category": "self",
"summary": "SUSE Bug 1225151",
"url": "https://bugzilla.suse.com/1225151"
},
{
"category": "self",
"summary": "SUSE Bug 1225153",
"url": "https://bugzilla.suse.com/1225153"
},
{
"category": "self",
"summary": "SUSE Bug 1225156",
"url": "https://bugzilla.suse.com/1225156"
},
{
"category": "self",
"summary": "SUSE Bug 1225158",
"url": "https://bugzilla.suse.com/1225158"
},
{
"category": "self",
"summary": "SUSE Bug 1225160",
"url": "https://bugzilla.suse.com/1225160"
},
{
"category": "self",
"summary": "SUSE Bug 1225161",
"url": "https://bugzilla.suse.com/1225161"
},
{
"category": "self",
"summary": "SUSE Bug 1225164",
"url": "https://bugzilla.suse.com/1225164"
},
{
"category": "self",
"summary": "SUSE Bug 1225167",
"url": "https://bugzilla.suse.com/1225167"
},
{
"category": "self",
"summary": "SUSE Bug 1225180",
"url": "https://bugzilla.suse.com/1225180"
},
{
"category": "self",
"summary": "SUSE Bug 1225183",
"url": "https://bugzilla.suse.com/1225183"
},
{
"category": "self",
"summary": "SUSE Bug 1225184",
"url": "https://bugzilla.suse.com/1225184"
},
{
"category": "self",
"summary": "SUSE Bug 1225186",
"url": "https://bugzilla.suse.com/1225186"
},
{
"category": "self",
"summary": "SUSE Bug 1225187",
"url": "https://bugzilla.suse.com/1225187"
},
{
"category": "self",
"summary": "SUSE Bug 1225189",
"url": "https://bugzilla.suse.com/1225189"
},
{
"category": "self",
"summary": "SUSE Bug 1225190",
"url": "https://bugzilla.suse.com/1225190"
},
{
"category": "self",
"summary": "SUSE Bug 1225191",
"url": "https://bugzilla.suse.com/1225191"
},
{
"category": "self",
"summary": "SUSE Bug 1225192",
"url": "https://bugzilla.suse.com/1225192"
},
{
"category": "self",
"summary": "SUSE Bug 1225193",
"url": "https://bugzilla.suse.com/1225193"
},
{
"category": "self",
"summary": "SUSE Bug 1225195",
"url": "https://bugzilla.suse.com/1225195"
},
{
"category": "self",
"summary": "SUSE Bug 1225198",
"url": "https://bugzilla.suse.com/1225198"
},
{
"category": "self",
"summary": "SUSE Bug 1225201",
"url": "https://bugzilla.suse.com/1225201"
},
{
"category": "self",
"summary": "SUSE Bug 1225203",
"url": "https://bugzilla.suse.com/1225203"
},
{
"category": "self",
"summary": "SUSE Bug 1225205",
"url": "https://bugzilla.suse.com/1225205"
},
{
"category": "self",
"summary": "SUSE Bug 1225206",
"url": "https://bugzilla.suse.com/1225206"
},
{
"category": "self",
"summary": "SUSE Bug 1225207",
"url": "https://bugzilla.suse.com/1225207"
},
{
"category": "self",
"summary": "SUSE Bug 1225208",
"url": "https://bugzilla.suse.com/1225208"
},
{
"category": "self",
"summary": "SUSE Bug 1225209",
"url": "https://bugzilla.suse.com/1225209"
},
{
"category": "self",
"summary": "SUSE Bug 1225210",
"url": "https://bugzilla.suse.com/1225210"
},
{
"category": "self",
"summary": "SUSE Bug 1225214",
"url": "https://bugzilla.suse.com/1225214"
},
{
"category": "self",
"summary": "SUSE Bug 1225223",
"url": "https://bugzilla.suse.com/1225223"
},
{
"category": "self",
"summary": "SUSE Bug 1225224",
"url": "https://bugzilla.suse.com/1225224"
},
{
"category": "self",
"summary": "SUSE Bug 1225225",
"url": "https://bugzilla.suse.com/1225225"
},
{
"category": "self",
"summary": "SUSE Bug 1225227",
"url": "https://bugzilla.suse.com/1225227"
},
{
"category": "self",
"summary": "SUSE Bug 1225228",
"url": "https://bugzilla.suse.com/1225228"
},
{
"category": "self",
"summary": "SUSE Bug 1225229",
"url": "https://bugzilla.suse.com/1225229"
},
{
"category": "self",
"summary": "SUSE Bug 1225230",
"url": "https://bugzilla.suse.com/1225230"
},
{
"category": "self",
"summary": "SUSE Bug 1225232",
"url": "https://bugzilla.suse.com/1225232"
},
{
"category": "self",
"summary": "SUSE Bug 1225233",
"url": "https://bugzilla.suse.com/1225233"
},
{
"category": "self",
"summary": "SUSE Bug 1225235",
"url": "https://bugzilla.suse.com/1225235"
},
{
"category": "self",
"summary": "SUSE Bug 1225236",
"url": "https://bugzilla.suse.com/1225236"
},
{
"category": "self",
"summary": "SUSE Bug 1225237",
"url": "https://bugzilla.suse.com/1225237"
},
{
"category": "self",
"summary": "SUSE Bug 1225238",
"url": "https://bugzilla.suse.com/1225238"
},
{
"category": "self",
"summary": "SUSE Bug 1225239",
"url": "https://bugzilla.suse.com/1225239"
},
{
"category": "self",
"summary": "SUSE Bug 1225240",
"url": "https://bugzilla.suse.com/1225240"
},
{
"category": "self",
"summary": "SUSE Bug 1225241",
"url": "https://bugzilla.suse.com/1225241"
},
{
"category": "self",
"summary": "SUSE Bug 1225242",
"url": "https://bugzilla.suse.com/1225242"
},
{
"category": "self",
"summary": "SUSE Bug 1225243",
"url": "https://bugzilla.suse.com/1225243"
},
{
"category": "self",
"summary": "SUSE Bug 1225244",
"url": "https://bugzilla.suse.com/1225244"
},
{
"category": "self",
"summary": "SUSE Bug 1225245",
"url": "https://bugzilla.suse.com/1225245"
},
{
"category": "self",
"summary": "SUSE Bug 1225246",
"url": "https://bugzilla.suse.com/1225246"
},
{
"category": "self",
"summary": "SUSE Bug 1225247",
"url": "https://bugzilla.suse.com/1225247"
},
{
"category": "self",
"summary": "SUSE Bug 1225248",
"url": "https://bugzilla.suse.com/1225248"
},
{
"category": "self",
"summary": "SUSE Bug 1225249",
"url": "https://bugzilla.suse.com/1225249"
},
{
"category": "self",
"summary": "SUSE Bug 1225250",
"url": "https://bugzilla.suse.com/1225250"
},
{
"category": "self",
"summary": "SUSE Bug 1225251",
"url": "https://bugzilla.suse.com/1225251"
},
{
"category": "self",
"summary": "SUSE Bug 1225252",
"url": "https://bugzilla.suse.com/1225252"
},
{
"category": "self",
"summary": "SUSE Bug 1225253",
"url": "https://bugzilla.suse.com/1225253"
},
{
"category": "self",
"summary": "SUSE Bug 1225254",
"url": "https://bugzilla.suse.com/1225254"
},
{
"category": "self",
"summary": "SUSE Bug 1225255",
"url": "https://bugzilla.suse.com/1225255"
},
{
"category": "self",
"summary": "SUSE Bug 1225256",
"url": "https://bugzilla.suse.com/1225256"
},
{
"category": "self",
"summary": "SUSE Bug 1225257",
"url": "https://bugzilla.suse.com/1225257"
},
{
"category": "self",
"summary": "SUSE Bug 1225258",
"url": "https://bugzilla.suse.com/1225258"
},
{
"category": "self",
"summary": "SUSE Bug 1225259",
"url": "https://bugzilla.suse.com/1225259"
},
{
"category": "self",
"summary": "SUSE Bug 1225260",
"url": "https://bugzilla.suse.com/1225260"
},
{
"category": "self",
"summary": "SUSE Bug 1225261",
"url": "https://bugzilla.suse.com/1225261"
},
{
"category": "self",
"summary": "SUSE Bug 1225262",
"url": "https://bugzilla.suse.com/1225262"
},
{
"category": "self",
"summary": "SUSE Bug 1225263",
"url": "https://bugzilla.suse.com/1225263"
},
{
"category": "self",
"summary": "SUSE Bug 1225268",
"url": "https://bugzilla.suse.com/1225268"
},
{
"category": "self",
"summary": "SUSE Bug 1225301",
"url": "https://bugzilla.suse.com/1225301"
},
{
"category": "self",
"summary": "SUSE Bug 1225303",
"url": "https://bugzilla.suse.com/1225303"
},
{
"category": "self",
"summary": "SUSE Bug 1225304",
"url": "https://bugzilla.suse.com/1225304"
},
{
"category": "self",
"summary": "SUSE Bug 1225306",
"url": "https://bugzilla.suse.com/1225306"
},
{
"category": "self",
"summary": "SUSE Bug 1225316",
"url": "https://bugzilla.suse.com/1225316"
},
{
"category": "self",
"summary": "SUSE Bug 1225318",
"url": "https://bugzilla.suse.com/1225318"
},
{
"category": "self",
"summary": "SUSE Bug 1225320",
"url": "https://bugzilla.suse.com/1225320"
},
{
"category": "self",
"summary": "SUSE Bug 1225321",
"url": "https://bugzilla.suse.com/1225321"
},
{
"category": "self",
"summary": "SUSE Bug 1225322",
"url": "https://bugzilla.suse.com/1225322"
},
{
"category": "self",
"summary": "SUSE Bug 1225323",
"url": "https://bugzilla.suse.com/1225323"
},
{
"category": "self",
"summary": "SUSE Bug 1225326",
"url": "https://bugzilla.suse.com/1225326"
},
{
"category": "self",
"summary": "SUSE Bug 1225327",
"url": "https://bugzilla.suse.com/1225327"
},
{
"category": "self",
"summary": "SUSE Bug 1225328",
"url": "https://bugzilla.suse.com/1225328"
},
{
"category": "self",
"summary": "SUSE Bug 1225329",
"url": "https://bugzilla.suse.com/1225329"
},
{
"category": "self",
"summary": "SUSE Bug 1225330",
"url": "https://bugzilla.suse.com/1225330"
},
{
"category": "self",
"summary": "SUSE Bug 1225331",
"url": "https://bugzilla.suse.com/1225331"
},
{
"category": "self",
"summary": "SUSE Bug 1225332",
"url": "https://bugzilla.suse.com/1225332"
},
{
"category": "self",
"summary": "SUSE Bug 1225333",
"url": "https://bugzilla.suse.com/1225333"
},
{
"category": "self",
"summary": "SUSE Bug 1225334",
"url": "https://bugzilla.suse.com/1225334"
},
{
"category": "self",
"summary": "SUSE Bug 1225335",
"url": "https://bugzilla.suse.com/1225335"
},
{
"category": "self",
"summary": "SUSE Bug 1225336",
"url": "https://bugzilla.suse.com/1225336"
},
{
"category": "self",
"summary": "SUSE Bug 1225337",
"url": "https://bugzilla.suse.com/1225337"
},
{
"category": "self",
"summary": "SUSE Bug 1225338",
"url": "https://bugzilla.suse.com/1225338"
},
{
"category": "self",
"summary": "SUSE Bug 1225339",
"url": "https://bugzilla.suse.com/1225339"
},
{
"category": "self",
"summary": "SUSE Bug 1225341",
"url": "https://bugzilla.suse.com/1225341"
},
{
"category": "self",
"summary": "SUSE Bug 1225342",
"url": "https://bugzilla.suse.com/1225342"
},
{
"category": "self",
"summary": "SUSE Bug 1225344",
"url": "https://bugzilla.suse.com/1225344"
},
{
"category": "self",
"summary": "SUSE Bug 1225346",
"url": "https://bugzilla.suse.com/1225346"
},
{
"category": "self",
"summary": "SUSE Bug 1225347",
"url": "https://bugzilla.suse.com/1225347"
},
{
"category": "self",
"summary": "SUSE Bug 1225351",
"url": "https://bugzilla.suse.com/1225351"
},
{
"category": "self",
"summary": "SUSE Bug 1225353",
"url": "https://bugzilla.suse.com/1225353"
},
{
"category": "self",
"summary": "SUSE Bug 1225354",
"url": "https://bugzilla.suse.com/1225354"
},
{
"category": "self",
"summary": "SUSE Bug 1225355",
"url": "https://bugzilla.suse.com/1225355"
},
{
"category": "self",
"summary": "SUSE Bug 1225357",
"url": "https://bugzilla.suse.com/1225357"
},
{
"category": "self",
"summary": "SUSE Bug 1225358",
"url": "https://bugzilla.suse.com/1225358"
},
{
"category": "self",
"summary": "SUSE Bug 1225360",
"url": "https://bugzilla.suse.com/1225360"
},
{
"category": "self",
"summary": "SUSE Bug 1225361",
"url": "https://bugzilla.suse.com/1225361"
},
{
"category": "self",
"summary": "SUSE Bug 1225366",
"url": "https://bugzilla.suse.com/1225366"
},
{
"category": "self",
"summary": "SUSE Bug 1225367",
"url": "https://bugzilla.suse.com/1225367"
},
{
"category": "self",
"summary": "SUSE Bug 1225368",
"url": "https://bugzilla.suse.com/1225368"
},
{
"category": "self",
"summary": "SUSE Bug 1225369",
"url": "https://bugzilla.suse.com/1225369"
},
{
"category": "self",
"summary": "SUSE Bug 1225370",
"url": "https://bugzilla.suse.com/1225370"
},
{
"category": "self",
"summary": "SUSE Bug 1225372",
"url": "https://bugzilla.suse.com/1225372"
},
{
"category": "self",
"summary": "SUSE Bug 1225373",
"url": "https://bugzilla.suse.com/1225373"
},
{
"category": "self",
"summary": "SUSE Bug 1225374",
"url": "https://bugzilla.suse.com/1225374"
},
{
"category": "self",
"summary": "SUSE Bug 1225375",
"url": "https://bugzilla.suse.com/1225375"
},
{
"category": "self",
"summary": "SUSE Bug 1225376",
"url": "https://bugzilla.suse.com/1225376"
},
{
"category": "self",
"summary": "SUSE Bug 1225377",
"url": "https://bugzilla.suse.com/1225377"
},
{
"category": "self",
"summary": "SUSE Bug 1225379",
"url": "https://bugzilla.suse.com/1225379"
},
{
"category": "self",
"summary": "SUSE Bug 1225383",
"url": "https://bugzilla.suse.com/1225383"
},
{
"category": "self",
"summary": "SUSE Bug 1225384",
"url": "https://bugzilla.suse.com/1225384"
},
{
"category": "self",
"summary": "SUSE Bug 1225386",
"url": "https://bugzilla.suse.com/1225386"
},
{
"category": "self",
"summary": "SUSE Bug 1225387",
"url": "https://bugzilla.suse.com/1225387"
},
{
"category": "self",
"summary": "SUSE Bug 1225388",
"url": "https://bugzilla.suse.com/1225388"
},
{
"category": "self",
"summary": "SUSE Bug 1225390",
"url": "https://bugzilla.suse.com/1225390"
},
{
"category": "self",
"summary": "SUSE Bug 1225392",
"url": "https://bugzilla.suse.com/1225392"
},
{
"category": "self",
"summary": "SUSE Bug 1225393",
"url": "https://bugzilla.suse.com/1225393"
},
{
"category": "self",
"summary": "SUSE Bug 1225396",
"url": "https://bugzilla.suse.com/1225396"
},
{
"category": "self",
"summary": "SUSE Bug 1225400",
"url": "https://bugzilla.suse.com/1225400"
},
{
"category": "self",
"summary": "SUSE Bug 1225404",
"url": "https://bugzilla.suse.com/1225404"
},
{
"category": "self",
"summary": "SUSE Bug 1225405",
"url": "https://bugzilla.suse.com/1225405"
},
{
"category": "self",
"summary": "SUSE Bug 1225409",
"url": "https://bugzilla.suse.com/1225409"
},
{
"category": "self",
"summary": "SUSE Bug 1225410",
"url": "https://bugzilla.suse.com/1225410"
},
{
"category": "self",
"summary": "SUSE Bug 1225411",
"url": "https://bugzilla.suse.com/1225411"
},
{
"category": "self",
"summary": "SUSE Bug 1225425",
"url": "https://bugzilla.suse.com/1225425"
},
{
"category": "self",
"summary": "SUSE Bug 1225427",
"url": "https://bugzilla.suse.com/1225427"
},
{
"category": "self",
"summary": "SUSE Bug 1225431",
"url": "https://bugzilla.suse.com/1225431"
},
{
"category": "self",
"summary": "SUSE Bug 1225435",
"url": "https://bugzilla.suse.com/1225435"
},
{
"category": "self",
"summary": "SUSE Bug 1225436",
"url": "https://bugzilla.suse.com/1225436"
},
{
"category": "self",
"summary": "SUSE Bug 1225437",
"url": "https://bugzilla.suse.com/1225437"
},
{
"category": "self",
"summary": "SUSE Bug 1225438",
"url": "https://bugzilla.suse.com/1225438"
},
{
"category": "self",
"summary": "SUSE Bug 1225439",
"url": "https://bugzilla.suse.com/1225439"
},
{
"category": "self",
"summary": "SUSE Bug 1225441",
"url": "https://bugzilla.suse.com/1225441"
},
{
"category": "self",
"summary": "SUSE Bug 1225445",
"url": "https://bugzilla.suse.com/1225445"
},
{
"category": "self",
"summary": "SUSE Bug 1225446",
"url": "https://bugzilla.suse.com/1225446"
},
{
"category": "self",
"summary": "SUSE Bug 1225447",
"url": "https://bugzilla.suse.com/1225447"
},
{
"category": "self",
"summary": "SUSE Bug 1225450",
"url": "https://bugzilla.suse.com/1225450"
},
{
"category": "self",
"summary": "SUSE Bug 1225453",
"url": "https://bugzilla.suse.com/1225453"
},
{
"category": "self",
"summary": "SUSE Bug 1225455",
"url": "https://bugzilla.suse.com/1225455"
},
{
"category": "self",
"summary": "SUSE Bug 1225461",
"url": "https://bugzilla.suse.com/1225461"
},
{
"category": "self",
"summary": "SUSE Bug 1225463",
"url": "https://bugzilla.suse.com/1225463"
},
{
"category": "self",
"summary": "SUSE Bug 1225464",
"url": "https://bugzilla.suse.com/1225464"
},
{
"category": "self",
"summary": "SUSE Bug 1225466",
"url": "https://bugzilla.suse.com/1225466"
},
{
"category": "self",
"summary": "SUSE Bug 1225471",
"url": "https://bugzilla.suse.com/1225471"
},
{
"category": "self",
"summary": "SUSE Bug 1225472",
"url": "https://bugzilla.suse.com/1225472"
},
{
"category": "self",
"summary": "SUSE Bug 1225478",
"url": "https://bugzilla.suse.com/1225478"
},
{
"category": "self",
"summary": "SUSE Bug 1225479",
"url": "https://bugzilla.suse.com/1225479"
},
{
"category": "self",
"summary": "SUSE Bug 1225482",
"url": "https://bugzilla.suse.com/1225482"
},
{
"category": "self",
"summary": "SUSE Bug 1225483",
"url": "https://bugzilla.suse.com/1225483"
},
{
"category": "self",
"summary": "SUSE Bug 1225488",
"url": "https://bugzilla.suse.com/1225488"
},
{
"category": "self",
"summary": "SUSE Bug 1225490",
"url": "https://bugzilla.suse.com/1225490"
},
{
"category": "self",
"summary": "SUSE Bug 1225492",
"url": "https://bugzilla.suse.com/1225492"
},
{
"category": "self",
"summary": "SUSE Bug 1225495",
"url": "https://bugzilla.suse.com/1225495"
},
{
"category": "self",
"summary": "SUSE Bug 1225499",
"url": "https://bugzilla.suse.com/1225499"
},
{
"category": "self",
"summary": "SUSE Bug 1225500",
"url": "https://bugzilla.suse.com/1225500"
},
{
"category": "self",
"summary": "SUSE Bug 1225501",
"url": "https://bugzilla.suse.com/1225501"
},
{
"category": "self",
"summary": "SUSE Bug 1225508",
"url": "https://bugzilla.suse.com/1225508"
},
{
"category": "self",
"summary": "SUSE Bug 1225510",
"url": "https://bugzilla.suse.com/1225510"
},
{
"category": "self",
"summary": "SUSE Bug 1225529",
"url": "https://bugzilla.suse.com/1225529"
},
{
"category": "self",
"summary": "SUSE Bug 1225530",
"url": "https://bugzilla.suse.com/1225530"
},
{
"category": "self",
"summary": "SUSE Bug 1225532",
"url": "https://bugzilla.suse.com/1225532"
},
{
"category": "self",
"summary": "SUSE Bug 1225534",
"url": "https://bugzilla.suse.com/1225534"
},
{
"category": "self",
"summary": "SUSE Bug 1225549",
"url": "https://bugzilla.suse.com/1225549"
},
{
"category": "self",
"summary": "SUSE Bug 1225550",
"url": "https://bugzilla.suse.com/1225550"
},
{
"category": "self",
"summary": "SUSE Bug 1225553",
"url": "https://bugzilla.suse.com/1225553"
},
{
"category": "self",
"summary": "SUSE Bug 1225554",
"url": "https://bugzilla.suse.com/1225554"
},
{
"category": "self",
"summary": "SUSE Bug 1225557",
"url": "https://bugzilla.suse.com/1225557"
},
{
"category": "self",
"summary": "SUSE Bug 1225559",
"url": "https://bugzilla.suse.com/1225559"
},
{
"category": "self",
"summary": "SUSE Bug 1225560",
"url": "https://bugzilla.suse.com/1225560"
},
{
"category": "self",
"summary": "SUSE Bug 1225565",
"url": "https://bugzilla.suse.com/1225565"
},
{
"category": "self",
"summary": "SUSE Bug 1225566",
"url": "https://bugzilla.suse.com/1225566"
},
{
"category": "self",
"summary": "SUSE Bug 1225569",
"url": "https://bugzilla.suse.com/1225569"
},
{
"category": "self",
"summary": "SUSE Bug 1225570",
"url": "https://bugzilla.suse.com/1225570"
},
{
"category": "self",
"summary": "SUSE Bug 1225571",
"url": "https://bugzilla.suse.com/1225571"
},
{
"category": "self",
"summary": "SUSE Bug 1225572",
"url": "https://bugzilla.suse.com/1225572"
},
{
"category": "self",
"summary": "SUSE Bug 1225577",
"url": "https://bugzilla.suse.com/1225577"
},
{
"category": "self",
"summary": "SUSE Bug 1225583",
"url": "https://bugzilla.suse.com/1225583"
},
{
"category": "self",
"summary": "SUSE Bug 1225584",
"url": "https://bugzilla.suse.com/1225584"
},
{
"category": "self",
"summary": "SUSE Bug 1225588",
"url": "https://bugzilla.suse.com/1225588"
},
{
"category": "self",
"summary": "SUSE Bug 1225589",
"url": "https://bugzilla.suse.com/1225589"
},
{
"category": "self",
"summary": "SUSE Bug 1225590",
"url": "https://bugzilla.suse.com/1225590"
},
{
"category": "self",
"summary": "SUSE Bug 1225591",
"url": "https://bugzilla.suse.com/1225591"
},
{
"category": "self",
"summary": "SUSE Bug 1225592",
"url": "https://bugzilla.suse.com/1225592"
},
{
"category": "self",
"summary": "SUSE Bug 1225595",
"url": "https://bugzilla.suse.com/1225595"
},
{
"category": "self",
"summary": "SUSE Bug 1225599",
"url": "https://bugzilla.suse.com/1225599"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36788 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43527 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43527/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47358 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47358/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47359 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47360 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47361 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47361/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47362 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47363 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47363/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47364 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47365 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47365/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47366 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47366/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47367 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47367/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47368 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47369 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47370 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47371 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47372 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47372/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47373 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47374 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47374/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47375 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47376 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47376/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47378 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47379 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47380 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47380/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47381 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47381/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47382 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47382/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47383 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47384 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47384/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47385 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47386 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47386/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47387 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47387/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47388 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47389 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47389/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47390 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47390/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47391 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47391/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47392 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47392/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47393 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47393/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47394 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47394/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47395 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47395/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47396 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47397 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47398 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47399 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47400 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47400/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47401 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47402 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47403 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47403/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47404 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47405 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47406 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47407 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47408 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47409 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47409/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47410 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47410/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47412 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47412/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47413 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47413/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47414 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47415 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47416 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47417 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47417/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47418 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47418/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47419 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47419/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47420 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47420/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47421 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47421/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47422 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47422/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47423 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47423/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47424 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47424/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47425 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47425/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47426 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47426/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47427 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47427/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47428 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47428/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47429 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47430 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47430/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47431 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47433 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47433/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47434 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47435 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47436 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47437 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47438 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47438/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47439 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47440 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47440/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47441 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47442 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47442/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47443 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47443/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47444 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47445 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47446 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47447 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47448 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47448/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47449 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47449/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47450 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47450/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47451 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47451/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47452 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47453 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47453/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47454 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47454/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47455 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47455/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47456 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47457 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47457/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47458 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47459 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47460 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47460/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47461 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47462 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47463 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47464 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47465 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47466 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47467 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47468 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47469 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47470 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47471 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47472 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47473 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47474 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47474/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47475 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47475/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47476 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47477 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47478 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47479 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47480 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47481 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47481/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47482 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47483 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47484 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47484/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47485 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47486 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47486/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47488 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47489 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47490 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47491 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47492 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47493 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47494 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47495 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47496 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47496/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47497 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47497/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47498 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47499 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47500 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47501 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47501/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47502 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47502/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47503 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47505 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47505/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47506 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47507 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47507/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47509 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47510 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47511 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47513 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47514 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47514/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47516 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47518 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47520 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47521 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47522 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47523 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47524 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47525 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47526 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47528 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47529 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47533 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47534 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47535 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47536 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47537 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47540 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47541 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47542 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47544 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47549 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47550 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47551 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47551/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47553 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47554 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47554/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47556 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47558 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47558/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47559 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47560 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47562 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47562/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47563 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47564 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47564/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47565 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48632 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48634 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48636 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48652 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48671 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48672 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48672/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48673 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48675 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48686 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48687 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48688 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48692 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48693 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48694 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48695 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48697 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48699 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48700 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48701 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48702 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48703 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48704 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48708 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48709 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48710 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52654 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52655 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52686 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52690 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52702 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52703 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52707 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52708 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52730 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52733 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52736 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52738 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52739 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52740 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52741 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52742 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52743 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52744 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52745 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52747 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52753 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52754 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52756 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52759 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52763 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52764 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52766 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52774 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52781 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52788 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52789 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52791 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52798 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52799 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52800 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52804 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52805 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52806 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52810 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52811 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52814 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52816 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52817 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52818 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52819 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52821 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52825 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52826 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52832 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52833 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52834 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52838 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52840 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52841 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52844 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52847 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52853 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52854 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52855 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52856 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52858 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52864 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52865 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52868 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52870 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52871 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52872 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52873 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52875 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52876 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52877 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52878 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52880 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0639 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26840 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26929 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27398 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27413 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27413/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35811 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35815 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35817 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35867 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35868 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35895 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35914 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36926 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36926/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-06-12T16:39:51Z",
"generator": {
"date": "2024-06-12T16:39:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:2011-1",
"initial_release_date": "2024-06-12T16:39:51Z",
"revision_history": [
{
"date": "2024-06-12T16:39:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.14.21-150400.15.82.1.noarch",
"product": {
"name": "kernel-devel-rt-5.14.21-150400.15.82.1.noarch",
"product_id": "kernel-devel-rt-5.14.21-150400.15.82.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"product": {
"name": "kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"product_id": "kernel-source-rt-5.14.21-150400.15.82.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.14.21-150400.15.82.1.x86_64",
"product_id": "cluster-md-kmp-rt-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "dlm-kmp-rt-5.14.21-150400.15.82.1.x86_64",
"product_id": "dlm-kmp-rt-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.14.21-150400.15.82.1.x86_64",
"product_id": "gfs2-kmp-rt-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "kernel-rt-5.14.21-150400.15.82.1.x86_64",
"product_id": "kernel-rt-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "kernel-rt-devel-5.14.21-150400.15.82.1.x86_64",
"product_id": "kernel-rt-devel-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "kernel-rt-extra-5.14.21-150400.15.82.1.x86_64",
"product_id": "kernel-rt-extra-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-5.14.21-150400.15.82.1.x86_64",
"product_id": "kernel-rt-livepatch-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.14.21-150400.15.82.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "kernel-rt-optional-5.14.21-150400.15.82.1.x86_64",
"product_id": "kernel-rt-optional-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "kernel-rt_debug-5.14.21-150400.15.82.1.x86_64",
"product_id": "kernel-rt_debug-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.14.21-150400.15.82.1.x86_64",
"product_id": "kernel-rt_debug-devel-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-5.14.21-150400.15.82.1.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "kernel-syms-rt-5.14.21-150400.15.82.1.x86_64",
"product_id": "kernel-syms-rt-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.14.21-150400.15.82.1.x86_64",
"product_id": "kselftests-kmp-rt-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.14.21-150400.15.82.1.x86_64",
"product_id": "ocfs2-kmp-rt-5.14.21-150400.15.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.14.21-150400.15.82.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.14.21-150400.15.82.1.x86_64",
"product_id": "reiserfs-kmp-rt-5.14.21-150400.15.82.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap Micro 5.3",
"product": {
"name": "openSUSE Leap Micro 5.3",
"product_id": "openSUSE Leap Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap Micro 5.4",
"product": {
"name": "openSUSE Leap Micro 5.4",
"product_id": "openSUSE Leap Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap-micro:5.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.14.21-150400.15.82.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64"
},
"product_reference": "kernel-rt-5.14.21-150400.15.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.14.21-150400.15.82.1.noarch as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch"
},
"product_reference": "kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.14.21-150400.15.82.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
},
"product_reference": "kernel-rt-5.14.21-150400.15.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.14.21-150400.15.82.1.noarch as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch"
},
"product_reference": "kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.14.21-150400.15.82.1.x86_64 as component of openSUSE Leap Micro 5.3",
"product_id": "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64"
},
"product_reference": "kernel-rt-5.14.21-150400.15.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.14.21-150400.15.82.1.x86_64 as component of openSUSE Leap Micro 5.4",
"product_id": "openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
},
"product_reference": "kernel-rt-5.14.21-150400.15.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap Micro 5.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: avoid a use-after-free when BO init fails\n\nnouveau_bo_init() is backed by ttm_bo_init() and ferries its return code\nback to the caller. On failures, ttm_bo_init() invokes the provided\ndestructor which should de-initialize and free the memory.\n\nThus, when nouveau_bo_init() returns an error the gem object has already\nbeen released and the memory freed by nouveau_bo_del_ttm().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36788",
"url": "https://www.suse.com/security/cve/CVE-2020-36788"
},
{
"category": "external",
"summary": "SUSE Bug 1224816 for CVE-2020-36788",
"url": "https://bugzilla.suse.com/1224816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2020-36788"
},
{
"cve": "CVE-2021-43527",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43527"
}
],
"notes": [
{
"category": "general",
"text": "NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \\#7, or PKCS \\#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS \u003c 3.73 and NSS \u003c 3.68.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43527",
"url": "https://www.suse.com/security/cve/CVE-2021-43527"
},
{
"category": "external",
"summary": "SUSE Bug 1193170 for CVE-2021-43527",
"url": "https://bugzilla.suse.com/1193170"
},
{
"category": "external",
"summary": "SUSE Bug 1193331 for CVE-2021-43527",
"url": "https://bugzilla.suse.com/1193331"
},
{
"category": "external",
"summary": "SUSE Bug 1193378 for CVE-2021-43527",
"url": "https://bugzilla.suse.com/1193378"
},
{
"category": "external",
"summary": "SUSE Bug 1194288 for CVE-2021-43527",
"url": "https://bugzilla.suse.com/1194288"
},
{
"category": "external",
"summary": "SUSE Bug 1199301 for CVE-2021-43527",
"url": "https://bugzilla.suse.com/1199301"
},
{
"category": "external",
"summary": "SUSE Bug 1225630 for CVE-2021-43527",
"url": "https://bugzilla.suse.com/1225630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-43527"
},
{
"cve": "CVE-2021-47358",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47358"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: greybus: uart: fix tty use after free\n\nUser space can hold a tty open indefinitely and tty drivers must not\nrelease the underlying structures until the last user is gone.\n\nSwitch to using the tty-port reference counter to manage the life time\nof the greybus tty state to avoid use after free after a disconnect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47358",
"url": "https://www.suse.com/security/cve/CVE-2021-47358"
},
{
"category": "external",
"summary": "SUSE Bug 1224920 for CVE-2021-47358",
"url": "https://bugzilla.suse.com/1224920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47358"
},
{
"cve": "CVE-2021-47359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47359"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix soft lockup during fsstress\n\nBelow traces are observed during fsstress and system got hung.\n[ 130.698396] watchdog: BUG: soft lockup - CPU#6 stuck for 26s!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47359",
"url": "https://www.suse.com/security/cve/CVE-2021-47359"
},
{
"category": "external",
"summary": "SUSE Bug 1225145 for CVE-2021-47359",
"url": "https://bugzilla.suse.com/1225145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2021-47359"
},
{
"cve": "CVE-2021-47360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: make sure fd closes complete\n\nDuring BC_FREE_BUFFER processing, the BINDER_TYPE_FDA object\ncleanup may close 1 or more fds. The close operations are\ncompleted using the task work mechanism -- which means the thread\nneeds to return to userspace or the file object may never be\ndereferenced -- which can lead to hung processes.\n\nForce the binder thread back to userspace if an fd is closed during\nBC_FREE_BUFFER handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47360",
"url": "https://www.suse.com/security/cve/CVE-2021-47360"
},
{
"category": "external",
"summary": "SUSE Bug 1225122 for CVE-2021-47360",
"url": "https://bugzilla.suse.com/1225122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47360"
},
{
"cve": "CVE-2021-47361",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47361"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmcb: fix error handling in mcb_alloc_bus()\n\nThere are two bugs:\n1) If ida_simple_get() fails then this code calls put_device(carrier)\n but we haven\u0027t yet called get_device(carrier) and probably that\n leads to a use after free.\n2) After device_initialize() then we need to use put_device() to\n release the bus. This will free the internal resources tied to the\n device and call mcb_free_bus() which will free the rest.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47361",
"url": "https://www.suse.com/security/cve/CVE-2021-47361"
},
{
"category": "external",
"summary": "SUSE Bug 1225151 for CVE-2021-47361",
"url": "https://bugzilla.suse.com/1225151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47361"
},
{
"cve": "CVE-2021-47362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47362"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Update intermediate power state for SI\n\nUpdate the current state as boot state during dpm initialization.\nDuring the subsequent initialization, set_power_state gets called to\ntransition to the final power state. set_power_state refers to values\nfrom the current state and without current state populated, it could\nresult in NULL pointer dereference.\n\nFor ex: on platforms where PCI speed change is supported through ACPI\nATCS method, the link speed of current state needs to be queried before\ndeciding on changing to final power state\u0027s link speed. The logic to query\nATCS-support was broken on certain platforms. The issue became visible\nwhen broken ATCS-support logic got fixed with commit\nf9b7f3703ff9 (\"drm/amdgpu/acpi: make ATPX/ATCS structures global (v2)\").\n\nBug: https://gitlab.freedesktop.org/drm/amd/-/issues/1698",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47362",
"url": "https://www.suse.com/security/cve/CVE-2021-47362"
},
{
"category": "external",
"summary": "SUSE Bug 1225153 for CVE-2021-47362",
"url": "https://bugzilla.suse.com/1225153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47362"
},
{
"cve": "CVE-2021-47363",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47363"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnexthop: Fix division by zero while replacing a resilient group\n\nThe resilient nexthop group torture tests in fib_nexthop.sh exposed a\npossible division by zero while replacing a resilient group [1]. The\ndivision by zero occurs when the data path sees a resilient nexthop\ngroup with zero buckets.\n\nThe tests replace a resilient nexthop group in a loop while traffic is\nforwarded through it. The tests do not specify the number of buckets\nwhile performing the replacement, resulting in the kernel allocating a\nstub resilient table (i.e, \u0027struct nh_res_table\u0027) with zero buckets.\n\nThis table should never be visible to the data path, but the old nexthop\ngroup (i.e., \u0027oldg\u0027) might still be used by the data path when the stub\ntable is assigned to it.\n\nFix this by only assigning the stub table to the old nexthop group after\nmaking sure the group is no longer used by the data path.\n\nTested with fib_nexthops.sh:\n\nTests passed: 222\nTests failed: 0\n\n[1]\n divide error: 0000 [#1] PREEMPT SMP KASAN\n CPU: 0 PID: 1850 Comm: ping Not tainted 5.14.0-custom-10271-ga86eb53057fe #1107\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/01/2014\n RIP: 0010:nexthop_select_path+0x2d2/0x1a80\n[...]\n Call Trace:\n fib_select_multipath+0x79b/0x1530\n fib_select_path+0x8fb/0x1c10\n ip_route_output_key_hash_rcu+0x1198/0x2da0\n ip_route_output_key_hash+0x190/0x340\n ip_route_output_flow+0x21/0x120\n raw_sendmsg+0x91d/0x2e10\n inet_sendmsg+0x9e/0xe0\n __sys_sendto+0x23d/0x360\n __x64_sys_sendto+0xe1/0x1b0\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47363",
"url": "https://www.suse.com/security/cve/CVE-2021-47363"
},
{
"category": "external",
"summary": "SUSE Bug 1225156 for CVE-2021-47363",
"url": "https://bugzilla.suse.com/1225156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47363"
},
{
"cve": "CVE-2021-47364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47364"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: Fix memory leak in compat_insnlist()\n\n`compat_insnlist()` handles the 32-bit version of the `COMEDI_INSNLIST`\nioctl (whenwhen `CONFIG_COMPAT` is enabled). It allocates memory to\ntemporarily hold an array of `struct comedi_insn` converted from the\n32-bit version in user space. This memory is only being freed if there\nis a fault while filling the array, otherwise it is leaked.\n\nAdd a call to `kfree()` to fix the leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47364",
"url": "https://www.suse.com/security/cve/CVE-2021-47364"
},
{
"category": "external",
"summary": "SUSE Bug 1225158 for CVE-2021-47364",
"url": "https://bugzilla.suse.com/1225158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2021-47364"
},
{
"cve": "CVE-2021-47365",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47365"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Fix page leak\n\nThere\u0027s a loop in afs_extend_writeback() that adds extra pages to a write\nwe want to make to improve the efficiency of the writeback by making it\nlarger. This loop stops, however, if we hit a page we can\u0027t write back\nfrom immediately, but it doesn\u0027t get rid of the page ref we speculatively\nacquired.\n\nThis was caused by the removal of the cleanup loop when the code switched\nfrom using find_get_pages_contig() to xarray scanning as the latter only\ngets a single page at a time, not a batch.\n\nFix this by putting the page on a ref on an early break from the loop.\nUnfortunately, we can\u0027t just add that page to the pagevec we\u0027re employing\nas we\u0027ll go through that and add those pages to the RPC call.\n\nThis was found by the generic/074 test. It leaks ~4GiB of RAM each time it\nis run - which can be observed with \"top\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47365",
"url": "https://www.suse.com/security/cve/CVE-2021-47365"
},
{
"category": "external",
"summary": "SUSE Bug 1224895 for CVE-2021-47365",
"url": "https://bugzilla.suse.com/1224895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47365"
},
{
"cve": "CVE-2021-47366",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47366"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Fix corruption in reads at fpos 2G-4G from an OpenAFS server\n\nAFS-3 has two data fetch RPC variants, FS.FetchData and FS.FetchData64, and\nLinux\u0027s afs client switches between them when talking to a non-YFS server\nif the read size, the file position or the sum of the two have the upper 32\nbits set of the 64-bit value.\n\nThis is a problem, however, since the file position and length fields of\nFS.FetchData are *signed* 32-bit values.\n\nFix this by capturing the capability bits obtained from the fileserver when\nit\u0027s sent an FS.GetCapabilities RPC, rather than just discarding them, and\nthen picking out the VICED_CAPABILITY_64BITFILES flag. This can then be\nused to decide whether to use FS.FetchData or FS.FetchData64 - and also\nFS.StoreData or FS.StoreData64 - rather than using upper_32_bits() to\nswitch on the parameter values.\n\nThis capabilities flag could also be used to limit the maximum size of the\nfile, but all servers must be checked for that.\n\nNote that the issue does not exist with FS.StoreData - that uses *unsigned*\n32-bit values. It\u0027s also not a problem with Auristor servers as its\nYFS.FetchData64 op uses unsigned 64-bit values.\n\nThis can be tested by cloning a git repo through an OpenAFS client to an\nOpenAFS server and then doing \"git status\" on it from a Linux afs\nclient[1]. Provided the clone has a pack file that\u0027s in the 2G-4G range,\nthe git status will show errors like:\n\n\terror: packfile .git/objects/pack/pack-5e813c51d12b6847bbc0fcd97c2bca66da50079c.pack does not match index\n\terror: packfile .git/objects/pack/pack-5e813c51d12b6847bbc0fcd97c2bca66da50079c.pack does not match index\n\nThis can be observed in the server\u0027s FileLog with something like the\nfollowing appearing:\n\nSun Aug 29 19:31:39 2021 SRXAFS_FetchData, Fid = 2303380852.491776.3263114, Host 192.168.11.201:7001, Id 1001\nSun Aug 29 19:31:39 2021 CheckRights: len=0, for host=192.168.11.201:7001\nSun Aug 29 19:31:39 2021 FetchData_RXStyle: Pos 18446744071815340032, Len 3154\nSun Aug 29 19:31:39 2021 FetchData_RXStyle: file size 2400758866\n...\nSun Aug 29 19:31:40 2021 SRXAFS_FetchData returns 5\n\nNote the file position of 18446744071815340032. This is the requested file\nposition sign-extended.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47366",
"url": "https://www.suse.com/security/cve/CVE-2021-47366"
},
{
"category": "external",
"summary": "SUSE Bug 1225160 for CVE-2021-47366",
"url": "https://bugzilla.suse.com/1225160"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47366"
},
{
"cve": "CVE-2021-47367",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47367"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: fix pages leaking when building skb in big mode\n\nWe try to use build_skb() if we had sufficient tailroom. But we forget\nto release the unused pages chained via private in big mode which will\nleak pages. Fixing this by release the pages after building the skb in\nbig mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47367",
"url": "https://www.suse.com/security/cve/CVE-2021-47367"
},
{
"category": "external",
"summary": "SUSE Bug 1225123 for CVE-2021-47367",
"url": "https://bugzilla.suse.com/1225123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47367"
},
{
"cve": "CVE-2021-47368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47368"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nenetc: Fix illegal access when reading affinity_hint\n\nirq_set_affinity_hit() stores a reference to the cpumask_t\nparameter in the irq descriptor, and that reference can be\naccessed later from irq_affinity_hint_proc_show(). Since\nthe cpu_mask parameter passed to irq_set_affinity_hit() has\nonly temporary storage (it\u0027s on the stack memory), later\naccesses to it are illegal. Thus reads from the corresponding\nprocfs affinity_hint file can result in paging request oops.\n\nThe issue is fixed by the get_cpu_mask() helper, which provides\na permanent storage for the cpumask_t parameter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47368",
"url": "https://www.suse.com/security/cve/CVE-2021-47368"
},
{
"category": "external",
"summary": "SUSE Bug 1225161 for CVE-2021-47368",
"url": "https://bugzilla.suse.com/1225161"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47368"
},
{
"cve": "CVE-2021-47369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47369"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/qeth: fix NULL deref in qeth_clear_working_pool_list()\n\nWhen qeth_set_online() calls qeth_clear_working_pool_list() to roll\nback after an error exit from qeth_hardsetup_card(), we are at risk of\naccessing card-\u003eqdio.in_q before it was allocated by\nqeth_alloc_qdio_queues() via qeth_mpc_initialize().\n\nqeth_clear_working_pool_list() then dereferences NULL, and by writing to\nqueue-\u003ebufs[i].pool_entry scribbles all over the CPU\u0027s lowcore.\nResulting in a crash when those lowcore areas are used next (eg. on\nthe next machine-check interrupt).\n\nSuch a scenario would typically happen when the device is first set\nonline and its queues aren\u0027t allocated yet. An early IO error or certain\nmisconfigs (eg. mismatched transport mode, bad portno) then cause us to\nerror out from qeth_hardsetup_card() with card-\u003eqdio.in_q still being\nNULL.\n\nFix it by checking the pointer for NULL before accessing it.\n\nNote that we also have (rare) paths inside qeth_mpc_initialize() where\na configuration change can cause us to free the existing queues,\nexpecting that subsequent code will allocate them again. If we then\nerror out before that re-allocation happens, the same bug occurs.\n\nRoot-caused-by: Heiko Carstens \u003chca@linux.ibm.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47369",
"url": "https://www.suse.com/security/cve/CVE-2021-47369"
},
{
"category": "external",
"summary": "SUSE Bug 1225164 for CVE-2021-47369",
"url": "https://bugzilla.suse.com/1225164"
},
{
"category": "external",
"summary": "SUSE Bug 1227324 for CVE-2021-47369",
"url": "https://bugzilla.suse.com/1227324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47369"
},
{
"cve": "CVE-2021-47370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47370"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: ensure tx skbs always have the MPTCP ext\n\nDue to signed/unsigned comparison, the expression:\n\n\tinfo-\u003esize_goal - skb-\u003elen \u003e 0\n\nevaluates to true when the size goal is smaller than the\nskb size. That results in lack of tx cache refill, so that\nthe skb allocated by the core TCP code lacks the required\nMPTCP skb extensions.\n\nDue to the above, syzbot is able to trigger the following WARN_ON():\n\nWARNING: CPU: 1 PID: 810 at net/mptcp/protocol.c:1366 mptcp_sendmsg_frag+0x1362/0x1bc0 net/mptcp/protocol.c:1366\nModules linked in:\nCPU: 1 PID: 810 Comm: syz-executor.4 Not tainted 5.14.0-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:mptcp_sendmsg_frag+0x1362/0x1bc0 net/mptcp/protocol.c:1366\nCode: ff 4c 8b 74 24 50 48 8b 5c 24 58 e9 0f fb ff ff e8 13 44 8b f8 4c 89 e7 45 31 ed e8 98 57 2e fe e9 81 f4 ff ff e8 fe 43 8b f8 \u003c0f\u003e 0b 41 bd ea ff ff ff e9 6f f4 ff ff 4c 89 e7 e8 b9 8e d2 f8 e9\nRSP: 0018:ffffc9000531f6a0 EFLAGS: 00010216\nRAX: 000000000000697f RBX: 0000000000000000 RCX: ffffc90012107000\nRDX: 0000000000040000 RSI: ffffffff88eac9e2 RDI: 0000000000000003\nRBP: ffff888078b15780 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff88eac017 R11: 0000000000000000 R12: ffff88801de0a280\nR13: 0000000000006b58 R14: ffff888066278280 R15: ffff88803c2fe9c0\nFS: 00007fd9f866e700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007faebcb2f718 CR3: 00000000267cb000 CR4: 00000000001506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n __mptcp_push_pending+0x1fb/0x6b0 net/mptcp/protocol.c:1547\n mptcp_release_cb+0xfe/0x210 net/mptcp/protocol.c:3003\n release_sock+0xb4/0x1b0 net/core/sock.c:3206\n sk_stream_wait_memory+0x604/0xed0 net/core/stream.c:145\n mptcp_sendmsg+0xc39/0x1bc0 net/mptcp/protocol.c:1749\n inet6_sendmsg+0x99/0xe0 net/ipv6/af_inet6.c:643\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n sock_write_iter+0x2a0/0x3e0 net/socket.c:1057\n call_write_iter include/linux/fs.h:2163 [inline]\n new_sync_write+0x40b/0x640 fs/read_write.c:507\n vfs_write+0x7cf/0xae0 fs/read_write.c:594\n ksys_write+0x1ee/0x250 fs/read_write.c:647\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x4665f9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fd9f866e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665f9\nRDX: 00000000000e7b78 RSI: 0000000020000000 RDI: 0000000000000003\nRBP: 00000000004bfcc4 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038\nR13: 0000000000a9fb1f R14: 00007fd9f866e300 R15: 0000000000022000\n\nFix the issue rewriting the relevant expression to avoid\nsign-related problems - note: size_goal is always \u003e= 0.\n\nAdditionally, ensure that the skb in the tx cache always carries\nthe relevant extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47370",
"url": "https://www.suse.com/security/cve/CVE-2021-47370"
},
{
"category": "external",
"summary": "SUSE Bug 1225183 for CVE-2021-47370",
"url": "https://bugzilla.suse.com/1225183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47370"
},
{
"cve": "CVE-2021-47371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47371"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnexthop: Fix memory leaks in nexthop notification chain listeners\n\nsyzkaller discovered memory leaks [1] that can be reduced to the\nfollowing commands:\n\n # ip nexthop add id 1 blackhole\n # devlink dev reload pci/0000:06:00.0\n\nAs part of the reload flow, mlxsw will unregister its netdevs and then\nunregister from the nexthop notification chain. Before unregistering\nfrom the notification chain, mlxsw will receive delete notifications for\nnexthop objects using netdevs registered by mlxsw or their uppers. mlxsw\nwill not receive notifications for nexthops using netdevs that are not\ndismantled as part of the reload flow. For example, the blackhole\nnexthop above that internally uses the loopback netdev as its nexthop\ndevice.\n\nOne way to fix this problem is to have listeners flush their nexthop\ntables after unregistering from the notification chain. This is\nerror-prone as evident by this patch and also not symmetric with the\nregistration path where a listener receives a dump of all the existing\nnexthops.\n\nTherefore, fix this problem by replaying delete notifications for the\nlistener being unregistered. This is symmetric to the registration path\nand also consistent with the netdev notification chain.\n\nThe above means that unregister_nexthop_notifier(), like\nregister_nexthop_notifier(), will have to take RTNL in order to iterate\nover the existing nexthops and that any callers of the function cannot\nhold RTNL. This is true for mlxsw and netdevsim, but not for the VXLAN\ndriver. To avoid a deadlock, change the latter to unregister its nexthop\nlistener without holding RTNL, making it symmetric to the registration\npath.\n\n[1]\nunreferenced object 0xffff88806173d600 (size 512):\n comm \"syz-executor.0\", pid 1290, jiffies 4295583142 (age 143.507s)\n hex dump (first 32 bytes):\n 41 9d 1e 60 80 88 ff ff 08 d6 73 61 80 88 ff ff A..`......sa....\n 08 d6 73 61 80 88 ff ff 01 00 00 00 00 00 00 00 ..sa............\n backtrace:\n [\u003cffffffff81a6b576\u003e] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]\n [\u003cffffffff81a6b576\u003e] slab_post_alloc_hook+0x96/0x490 mm/slab.h:522\n [\u003cffffffff81a716d3\u003e] slab_alloc_node mm/slub.c:3206 [inline]\n [\u003cffffffff81a716d3\u003e] slab_alloc mm/slub.c:3214 [inline]\n [\u003cffffffff81a716d3\u003e] kmem_cache_alloc_trace+0x163/0x370 mm/slub.c:3231\n [\u003cffffffff82e8681a\u003e] kmalloc include/linux/slab.h:591 [inline]\n [\u003cffffffff82e8681a\u003e] kzalloc include/linux/slab.h:721 [inline]\n [\u003cffffffff82e8681a\u003e] mlxsw_sp_nexthop_obj_group_create drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c:4918 [inline]\n [\u003cffffffff82e8681a\u003e] mlxsw_sp_nexthop_obj_new drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c:5054 [inline]\n [\u003cffffffff82e8681a\u003e] mlxsw_sp_nexthop_obj_event+0x59a/0x2910 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c:5239\n [\u003cffffffff813ef67d\u003e] notifier_call_chain+0xbd/0x210 kernel/notifier.c:83\n [\u003cffffffff813f0662\u003e] blocking_notifier_call_chain kernel/notifier.c:318 [inline]\n [\u003cffffffff813f0662\u003e] blocking_notifier_call_chain+0x72/0xa0 kernel/notifier.c:306\n [\u003cffffffff8384b9c6\u003e] call_nexthop_notifiers+0x156/0x310 net/ipv4/nexthop.c:244\n [\u003cffffffff83852bd8\u003e] insert_nexthop net/ipv4/nexthop.c:2336 [inline]\n [\u003cffffffff83852bd8\u003e] nexthop_add net/ipv4/nexthop.c:2644 [inline]\n [\u003cffffffff83852bd8\u003e] rtm_new_nexthop+0x14e8/0x4d10 net/ipv4/nexthop.c:2913\n [\u003cffffffff833e9a78\u003e] rtnetlink_rcv_msg+0x448/0xbf0 net/core/rtnetlink.c:5572\n [\u003cffffffff83608703\u003e] netlink_rcv_skb+0x173/0x480 net/netlink/af_netlink.c:2504\n [\u003cffffffff833de032\u003e] rtnetlink_rcv+0x22/0x30 net/core/rtnetlink.c:5590\n [\u003cffffffff836069de\u003e] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n [\u003cffffffff836069de\u003e] netlink_unicast+0x5ae/0x7f0 net/netlink/af_netlink.c:1340\n [\u003cffffffff83607501\u003e] netlink_sendmsg+0x8e1/0xe30 net/netlink/af_netlink.c:1929\n [\u003cffffffff832fde84\u003e] sock_sendmsg_nosec net/socket.c:704 [inline\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47371",
"url": "https://www.suse.com/security/cve/CVE-2021-47371"
},
{
"category": "external",
"summary": "SUSE Bug 1225167 for CVE-2021-47371",
"url": "https://bugzilla.suse.com/1225167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47371"
},
{
"cve": "CVE-2021-47372",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47372"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macb: fix use after free on rmmod\n\nplat_dev-\u003edev-\u003eplatform_data is released by platform_device_unregister(),\nuse of pclk and hclk is a use-after-free. Since device unregister won\u0027t\nneed a clk device we adjust the function call sequence to fix this issue.\n\n[ 31.261225] BUG: KASAN: use-after-free in macb_remove+0x77/0xc6 [macb_pci]\n[ 31.275563] Freed by task 306:\n[ 30.276782] platform_device_release+0x25/0x80",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47372",
"url": "https://www.suse.com/security/cve/CVE-2021-47372"
},
{
"category": "external",
"summary": "SUSE Bug 1225184 for CVE-2021-47372",
"url": "https://bugzilla.suse.com/1225184"
},
{
"category": "external",
"summary": "SUSE Bug 1229946 for CVE-2021-47372",
"url": "https://bugzilla.suse.com/1229946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47372"
},
{
"cve": "CVE-2021-47373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47373"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v3-its: Fix potential VPE leak on error\n\nIn its_vpe_irq_domain_alloc, when its_vpe_init() returns an error,\nthere is an off-by-one in the number of VPEs to be freed.\n\nFix it by simply passing the number of VPEs allocated, which is the\nindex of the loop iterating over the VPEs.\n\n[maz: fixed commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47373",
"url": "https://www.suse.com/security/cve/CVE-2021-47373"
},
{
"category": "external",
"summary": "SUSE Bug 1225190 for CVE-2021-47373",
"url": "https://bugzilla.suse.com/1225190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2021-47373"
},
{
"cve": "CVE-2021-47374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47374"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-debug: prevent an error message from causing runtime problems\n\nFor some drivers, that use the DMA API. This error message can be reached\nseveral millions of times per second, causing spam to the kernel\u0027s printk\nbuffer and bringing the CPU usage up to 100% (so, it should be rate\nlimited). However, since there is at least one driver that is in the\nmainline and suffers from the error condition, it is more useful to\nerr_printk() here instead of just rate limiting the error message (in hopes\nthat it will make it easier for other drivers that suffer from this issue\nto be spotted).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47374",
"url": "https://www.suse.com/security/cve/CVE-2021-47374"
},
{
"category": "external",
"summary": "SUSE Bug 1225191 for CVE-2021-47374",
"url": "https://bugzilla.suse.com/1225191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2021-47374"
},
{
"cve": "CVE-2021-47375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47375"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblktrace: Fix uaf in blk_trace access after removing by sysfs\n\nThere is an use-after-free problem triggered by following process:\n\n P1(sda)\t\t\t\tP2(sdb)\n\t\t\techo 0 \u003e /sys/block/sdb/trace/enable\n\t\t\t blk_trace_remove_queue\n\t\t\t synchronize_rcu\n\t\t\t blk_trace_free\n\t\t\t relay_close\nrcu_read_lock\n__blk_add_trace\n trace_note_tsk\n (Iterate running_trace_list)\n\t\t\t relay_close_buf\n\t\t\t\t relay_destroy_buf\n\t\t\t\t kfree(buf)\n trace_note(sdb\u0027s bt)\n relay_reserve\n buf-\u003eoffset \u003c- nullptr deference (use-after-free) !!!\nrcu_read_unlock\n\n[ 502.714379] BUG: kernel NULL pointer dereference, address:\n0000000000000010\n[ 502.715260] #PF: supervisor read access in kernel mode\n[ 502.715903] #PF: error_code(0x0000) - not-present page\n[ 502.716546] PGD 103984067 P4D 103984067 PUD 17592b067 PMD 0\n[ 502.717252] Oops: 0000 [#1] SMP\n[ 502.720308] RIP: 0010:trace_note.isra.0+0x86/0x360\n[ 502.732872] Call Trace:\n[ 502.733193] __blk_add_trace.cold+0x137/0x1a3\n[ 502.733734] blk_add_trace_rq+0x7b/0xd0\n[ 502.734207] blk_add_trace_rq_issue+0x54/0xa0\n[ 502.734755] blk_mq_start_request+0xde/0x1b0\n[ 502.735287] scsi_queue_rq+0x528/0x1140\n...\n[ 502.742704] sg_new_write.isra.0+0x16e/0x3e0\n[ 502.747501] sg_ioctl+0x466/0x1100\n\nReproduce method:\n ioctl(/dev/sda, BLKTRACESETUP, blk_user_trace_setup[buf_size=127])\n ioctl(/dev/sda, BLKTRACESTART)\n ioctl(/dev/sdb, BLKTRACESETUP, blk_user_trace_setup[buf_size=127])\n ioctl(/dev/sdb, BLKTRACESTART)\n\n echo 0 \u003e /sys/block/sdb/trace/enable \u0026\n // Add delay(mdelay/msleep) before kernel enters blk_trace_free()\n\n ioctl$SG_IO(/dev/sda, SG_IO, ...)\n // Enters trace_note_tsk() after blk_trace_free() returned\n // Use mdelay in rcu region rather than msleep(which may schedule out)\n\nRemove blk_trace from running_list before calling blk_trace_free() by\nsysfs if blk_trace is at Blktrace_running state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47375",
"url": "https://www.suse.com/security/cve/CVE-2021-47375"
},
{
"category": "external",
"summary": "SUSE Bug 1225193 for CVE-2021-47375",
"url": "https://bugzilla.suse.com/1225193"
},
{
"category": "external",
"summary": "SUSE Bug 1225194 for CVE-2021-47375",
"url": "https://bugzilla.suse.com/1225194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47375"
},
{
"cve": "CVE-2021-47376",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47376"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Add oversize check before call kvcalloc()\n\nCommit 7661809d493b (\"mm: don\u0027t allow oversized kvmalloc() calls\") add the\noversize check. When the allocation is larger than what kmalloc() supports,\nthe following warning triggered:\n\nWARNING: CPU: 0 PID: 8408 at mm/util.c:597 kvmalloc_node+0x108/0x110 mm/util.c:597\nModules linked in:\nCPU: 0 PID: 8408 Comm: syz-executor221 Not tainted 5.14.0-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:kvmalloc_node+0x108/0x110 mm/util.c:597\nCall Trace:\n kvmalloc include/linux/mm.h:806 [inline]\n kvmalloc_array include/linux/mm.h:824 [inline]\n kvcalloc include/linux/mm.h:829 [inline]\n check_btf_line kernel/bpf/verifier.c:9925 [inline]\n check_btf_info kernel/bpf/verifier.c:10049 [inline]\n bpf_check+0xd634/0x150d0 kernel/bpf/verifier.c:13759\n bpf_prog_load kernel/bpf/syscall.c:2301 [inline]\n __sys_bpf+0x11181/0x126e0 kernel/bpf/syscall.c:4587\n __do_sys_bpf kernel/bpf/syscall.c:4691 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:4689 [inline]\n __x64_sys_bpf+0x78/0x90 kernel/bpf/syscall.c:4689\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47376",
"url": "https://www.suse.com/security/cve/CVE-2021-47376"
},
{
"category": "external",
"summary": "SUSE Bug 1225195 for CVE-2021-47376",
"url": "https://bugzilla.suse.com/1225195"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47376"
},
{
"cve": "CVE-2021-47378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47378"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-rdma: destroy cm id before destroy qp to avoid use after free\n\nWe should always destroy cm_id before destroy qp to avoid to get cma\nevent after qp was destroyed, which may lead to use after free.\nIn RDMA connection establishment error flow, don\u0027t destroy qp in cm\nevent handler.Just report cm_error to upper level, qp will be destroy\nin nvme_rdma_alloc_queue() after destroy cm id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47378",
"url": "https://www.suse.com/security/cve/CVE-2021-47378"
},
{
"category": "external",
"summary": "SUSE Bug 1225201 for CVE-2021-47378",
"url": "https://bugzilla.suse.com/1225201"
},
{
"category": "external",
"summary": "SUSE Bug 1225202 for CVE-2021-47378",
"url": "https://bugzilla.suse.com/1225202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47378"
},
{
"cve": "CVE-2021-47379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47379"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd\n\nKASAN reports a use-after-free report when doing fuzz test:\n\n[693354.104835] ==================================================================\n[693354.105094] BUG: KASAN: use-after-free in bfq_io_set_weight_legacy+0xd3/0x160\n[693354.105336] Read of size 4 at addr ffff888be0a35664 by task sh/1453338\n\n[693354.105607] CPU: 41 PID: 1453338 Comm: sh Kdump: loaded Not tainted 4.18.0-147\n[693354.105610] Hardware name: Huawei 2288H V5/BC11SPSCB0, BIOS 0.81 07/02/2018\n[693354.105612] Call Trace:\n[693354.105621] dump_stack+0xf1/0x19b\n[693354.105626] ? show_regs_print_info+0x5/0x5\n[693354.105634] ? printk+0x9c/0xc3\n[693354.105638] ? cpumask_weight+0x1f/0x1f\n[693354.105648] print_address_description+0x70/0x360\n[693354.105654] kasan_report+0x1b2/0x330\n[693354.105659] ? bfq_io_set_weight_legacy+0xd3/0x160\n[693354.105665] ? bfq_io_set_weight_legacy+0xd3/0x160\n[693354.105670] bfq_io_set_weight_legacy+0xd3/0x160\n[693354.105675] ? bfq_cpd_init+0x20/0x20\n[693354.105683] cgroup_file_write+0x3aa/0x510\n[693354.105693] ? ___slab_alloc+0x507/0x540\n[693354.105698] ? cgroup_file_poll+0x60/0x60\n[693354.105702] ? 0xffffffff89600000\n[693354.105708] ? usercopy_abort+0x90/0x90\n[693354.105716] ? mutex_lock+0xef/0x180\n[693354.105726] kernfs_fop_write+0x1ab/0x280\n[693354.105732] ? cgroup_file_poll+0x60/0x60\n[693354.105738] vfs_write+0xe7/0x230\n[693354.105744] ksys_write+0xb0/0x140\n[693354.105749] ? __ia32_sys_read+0x50/0x50\n[693354.105760] do_syscall_64+0x112/0x370\n[693354.105766] ? syscall_return_slowpath+0x260/0x260\n[693354.105772] ? do_page_fault+0x9b/0x270\n[693354.105779] ? prepare_exit_to_usermode+0xf9/0x1a0\n[693354.105784] ? enter_from_user_mode+0x30/0x30\n[693354.105793] entry_SYSCALL_64_after_hwframe+0x65/0xca\n\n[693354.105875] Allocated by task 1453337:\n[693354.106001] kasan_kmalloc+0xa0/0xd0\n[693354.106006] kmem_cache_alloc_node_trace+0x108/0x220\n[693354.106010] bfq_pd_alloc+0x96/0x120\n[693354.106015] blkcg_activate_policy+0x1b7/0x2b0\n[693354.106020] bfq_create_group_hierarchy+0x1e/0x80\n[693354.106026] bfq_init_queue+0x678/0x8c0\n[693354.106031] blk_mq_init_sched+0x1f8/0x460\n[693354.106037] elevator_switch_mq+0xe1/0x240\n[693354.106041] elevator_switch+0x25/0x40\n[693354.106045] elv_iosched_store+0x1a1/0x230\n[693354.106049] queue_attr_store+0x78/0xb0\n[693354.106053] kernfs_fop_write+0x1ab/0x280\n[693354.106056] vfs_write+0xe7/0x230\n[693354.106060] ksys_write+0xb0/0x140\n[693354.106064] do_syscall_64+0x112/0x370\n[693354.106069] entry_SYSCALL_64_after_hwframe+0x65/0xca\n\n[693354.106114] Freed by task 1453336:\n[693354.106225] __kasan_slab_free+0x130/0x180\n[693354.106229] kfree+0x90/0x1b0\n[693354.106233] blkcg_deactivate_policy+0x12c/0x220\n[693354.106238] bfq_exit_queue+0xf5/0x110\n[693354.106241] blk_mq_exit_sched+0x104/0x130\n[693354.106245] __elevator_exit+0x45/0x60\n[693354.106249] elevator_switch_mq+0xd6/0x240\n[693354.106253] elevator_switch+0x25/0x40\n[693354.106257] elv_iosched_store+0x1a1/0x230\n[693354.106261] queue_attr_store+0x78/0xb0\n[693354.106264] kernfs_fop_write+0x1ab/0x280\n[693354.106268] vfs_write+0xe7/0x230\n[693354.106271] ksys_write+0xb0/0x140\n[693354.106275] do_syscall_64+0x112/0x370\n[693354.106280] entry_SYSCALL_64_after_hwframe+0x65/0xca\n\n[693354.106329] The buggy address belongs to the object at ffff888be0a35580\n which belongs to the cache kmalloc-1k of size 1024\n[693354.106736] The buggy address is located 228 bytes inside of\n 1024-byte region [ffff888be0a35580, ffff888be0a35980)\n[693354.107114] The buggy address belongs to the page:\n[693354.107273] page:ffffea002f828c00 count:1 mapcount:0 mapping:ffff888107c17080 index:0x0 compound_mapcount: 0\n[693354.107606] flags: 0x17ffffc0008100(slab|head)\n[693354.107760] raw: 0017ffffc0008100 ffffea002fcbc808 ffffea0030bd3a08 ffff888107c17080\n[693354.108020] r\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47379",
"url": "https://www.suse.com/security/cve/CVE-2021-47379"
},
{
"category": "external",
"summary": "SUSE Bug 1225203 for CVE-2021-47379",
"url": "https://bugzilla.suse.com/1225203"
},
{
"category": "external",
"summary": "SUSE Bug 1225204 for CVE-2021-47379",
"url": "https://bugzilla.suse.com/1225204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47379"
},
{
"cve": "CVE-2021-47380",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47380"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: amd_sfh: Fix potential NULL pointer dereference\n\ndevm_add_action_or_reset() can suddenly invoke amd_mp2_pci_remove() at\nregistration that will cause NULL pointer dereference since\ncorresponding data is not initialized yet. The patch moves\ninitialization of data before devm_add_action_or_reset().\n\nFound by Linux Driver Verification project (linuxtesting.org).\n\n[jkosina@suse.cz: rebase]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47380",
"url": "https://www.suse.com/security/cve/CVE-2021-47380"
},
{
"category": "external",
"summary": "SUSE Bug 1225205 for CVE-2021-47380",
"url": "https://bugzilla.suse.com/1225205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47380"
},
{
"cve": "CVE-2021-47381",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47381"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Fix DSP oops stack dump output contents\n\nFix @buf arg given to hex_dump_to_buffer() and stack address used\nin dump error output.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47381",
"url": "https://www.suse.com/security/cve/CVE-2021-47381"
},
{
"category": "external",
"summary": "SUSE Bug 1225206 for CVE-2021-47381",
"url": "https://bugzilla.suse.com/1225206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47381"
},
{
"cve": "CVE-2021-47382",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47382"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/qeth: fix deadlock during failing recovery\n\nCommit 0b9902c1fcc5 (\"s390/qeth: fix deadlock during recovery\") removed\ntaking discipline_mutex inside qeth_do_reset(), fixing potential\ndeadlocks. An error path was missed though, that still takes\ndiscipline_mutex and thus has the original deadlock potential.\n\nIntermittent deadlocks were seen when a qeth channel path is configured\noffline, causing a race between qeth_do_reset and ccwgroup_remove.\nCall qeth_set_offline() directly in the qeth_do_reset() error case and\nthen a new variant of ccwgroup_set_offline(), without taking\ndiscipline_mutex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47382",
"url": "https://www.suse.com/security/cve/CVE-2021-47382"
},
{
"category": "external",
"summary": "SUSE Bug 1225207 for CVE-2021-47382",
"url": "https://bugzilla.suse.com/1225207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47382"
},
{
"cve": "CVE-2021-47383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47383"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: Fix out-of-bound vmalloc access in imageblit\n\nThis issue happens when a userspace program does an ioctl\nFBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct\ncontaining only the fields xres, yres, and bits_per_pixel\nwith values.\n\nIf this struct is the same as the previous ioctl, the\nvc_resize() detects it and doesn\u0027t call the resize_screen(),\nleaving the fb_var_screeninfo incomplete. And this leads to\nthe updatescrollmode() calculates a wrong value to\nfbcon_display-\u003evrows, which makes the real_y() return a\nwrong value of y, and that value, eventually, causes\nthe imageblit to access an out-of-bound address value.\n\nTo solve this issue I made the resize_screen() be called\neven if the screen does not need any resizing, so it will\n\"fix and fill\" the fb_var_screeninfo independently.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47383",
"url": "https://www.suse.com/security/cve/CVE-2021-47383"
},
{
"category": "external",
"summary": "SUSE Bug 1225208 for CVE-2021-47383",
"url": "https://bugzilla.suse.com/1225208"
},
{
"category": "external",
"summary": "SUSE Bug 1225211 for CVE-2021-47383",
"url": "https://bugzilla.suse.com/1225211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47383"
},
{
"cve": "CVE-2021-47384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47384"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field\n\nIf driver read tmp value sufficient for\n(tmp \u0026 0x08) \u0026\u0026 (!(tmp \u0026 0x80)) \u0026\u0026 ((tmp \u0026 0x7) == ((tmp \u003e\u003e 4) \u0026 0x7))\nfrom device then Null pointer dereference occurs.\n(It is possible if tmp = 0b0xyz1xyz, where same literals mean same numbers)\nAlso lm75[] does not serve a purpose anymore after switching to\ndevm_i2c_new_dummy_device() in w83791d_detect_subclients().\n\nThe patch fixes possible NULL pointer dereference by removing lm75[].\n\nFound by Linux Driver Verification project (linuxtesting.org).\n\n[groeck: Dropped unnecessary continuation lines, fixed multi-line alignments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47384",
"url": "https://www.suse.com/security/cve/CVE-2021-47384"
},
{
"category": "external",
"summary": "SUSE Bug 1225209 for CVE-2021-47384",
"url": "https://bugzilla.suse.com/1225209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47384"
},
{
"cve": "CVE-2021-47385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47385"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field\n\nIf driver read val value sufficient for\n(val \u0026 0x08) \u0026\u0026 (!(val \u0026 0x80)) \u0026\u0026 ((val \u0026 0x7) == ((val \u003e\u003e 4) \u0026 0x7))\nfrom device then Null pointer dereference occurs.\n(It is possible if tmp = 0b0xyz1xyz, where same literals mean same numbers)\nAlso lm75[] does not serve a purpose anymore after switching to\ndevm_i2c_new_dummy_device() in w83791d_detect_subclients().\n\nThe patch fixes possible NULL pointer dereference by removing lm75[].\n\nFound by Linux Driver Verification project (linuxtesting.org).\n\n[groeck: Dropped unnecessary continuation lines, fixed multipline alignment]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47385",
"url": "https://www.suse.com/security/cve/CVE-2021-47385"
},
{
"category": "external",
"summary": "SUSE Bug 1225210 for CVE-2021-47385",
"url": "https://bugzilla.suse.com/1225210"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47385"
},
{
"cve": "CVE-2021-47386",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47386"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field\n\nIf driver read val value sufficient for\n(val \u0026 0x08) \u0026\u0026 (!(val \u0026 0x80)) \u0026\u0026 ((val \u0026 0x7) == ((val \u003e\u003e 4) \u0026 0x7))\nfrom device then Null pointer dereference occurs.\n(It is possible if tmp = 0b0xyz1xyz, where same literals mean same numbers)\nAlso lm75[] does not serve a purpose anymore after switching to\ndevm_i2c_new_dummy_device() in w83791d_detect_subclients().\n\nThe patch fixes possible NULL pointer dereference by removing lm75[].\n\nFound by Linux Driver Verification project (linuxtesting.org).\n\n[groeck: Dropped unnecessary continuation lines, fixed multi-line alignment]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47386",
"url": "https://www.suse.com/security/cve/CVE-2021-47386"
},
{
"category": "external",
"summary": "SUSE Bug 1225268 for CVE-2021-47386",
"url": "https://bugzilla.suse.com/1225268"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47386"
},
{
"cve": "CVE-2021-47387",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47387"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: schedutil: Use kobject release() method to free sugov_tunables\n\nThe struct sugov_tunables is protected by the kobject, so we can\u0027t free\nit directly. Otherwise we would get a call trace like this:\n ODEBUG: free active (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x30\n WARNING: CPU: 3 PID: 720 at lib/debugobjects.c:505 debug_print_object+0xb8/0x100\n Modules linked in:\n CPU: 3 PID: 720 Comm: a.sh Tainted: G W 5.14.0-rc1-next-20210715-yocto-standard+ #507\n Hardware name: Marvell OcteonTX CN96XX board (DT)\n pstate: 40400009 (nZcv daif +PAN -UAO -TCO BTYPE=--)\n pc : debug_print_object+0xb8/0x100\n lr : debug_print_object+0xb8/0x100\n sp : ffff80001ecaf910\n x29: ffff80001ecaf910 x28: ffff00011b10b8d0 x27: ffff800011043d80\n x26: ffff00011a8f0000 x25: ffff800013cb3ff0 x24: 0000000000000000\n x23: ffff80001142aa68 x22: ffff800011043d80 x21: ffff00010de46f20\n x20: ffff800013c0c520 x19: ffff800011d8f5b0 x18: 0000000000000010\n x17: 6e6968207473696c x16: 5f72656d6974203a x15: 6570797420746365\n x14: 6a626f2029302065 x13: 303378302f307830 x12: 2b6e665f72656d69\n x11: ffff8000124b1560 x10: ffff800012331520 x9 : ffff8000100ca6b0\n x8 : 000000000017ffe8 x7 : c0000000fffeffff x6 : 0000000000000001\n x5 : ffff800011d8c000 x4 : ffff800011d8c740 x3 : 0000000000000000\n x2 : ffff0001108301c0 x1 : ab3c90eedf9c0f00 x0 : 0000000000000000\n Call trace:\n debug_print_object+0xb8/0x100\n __debug_check_no_obj_freed+0x1c0/0x230\n debug_check_no_obj_freed+0x20/0x88\n slab_free_freelist_hook+0x154/0x1c8\n kfree+0x114/0x5d0\n sugov_exit+0xbc/0xc0\n cpufreq_exit_governor+0x44/0x90\n cpufreq_set_policy+0x268/0x4a8\n store_scaling_governor+0xe0/0x128\n store+0xc0/0xf0\n sysfs_kf_write+0x54/0x80\n kernfs_fop_write_iter+0x128/0x1c0\n new_sync_write+0xf0/0x190\n vfs_write+0x2d4/0x478\n ksys_write+0x74/0x100\n __arm64_sys_write+0x24/0x30\n invoke_syscall.constprop.0+0x54/0xe0\n do_el0_svc+0x64/0x158\n el0_svc+0x2c/0xb0\n el0t_64_sync_handler+0xb0/0xb8\n el0t_64_sync+0x198/0x19c\n irq event stamp: 5518\n hardirqs last enabled at (5517): [\u003cffff8000100cbd7c\u003e] console_unlock+0x554/0x6c8\n hardirqs last disabled at (5518): [\u003cffff800010fc0638\u003e] el1_dbg+0x28/0xa0\n softirqs last enabled at (5504): [\u003cffff8000100106e0\u003e] __do_softirq+0x4d0/0x6c0\n softirqs last disabled at (5483): [\u003cffff800010049548\u003e] irq_exit+0x1b0/0x1b8\n\nSo split the original sugov_tunables_free() into two functions,\nsugov_clear_global_tunables() is just used to clear the global_tunables\nand the new sugov_tunables_free() is used as kobj_type::release to\nrelease the sugov_tunables safely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47387",
"url": "https://www.suse.com/security/cve/CVE-2021-47387"
},
{
"category": "external",
"summary": "SUSE Bug 1225316 for CVE-2021-47387",
"url": "https://bugzilla.suse.com/1225316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47387"
},
{
"cve": "CVE-2021-47388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: fix use-after-free in CCMP/GCMP RX\n\nWhen PN checking is done in mac80211, for fragmentation we need\nto copy the PN to the RX struct so we can later use it to do a\ncomparison, since commit bf30ca922a0c (\"mac80211: check defrag\nPN against current frame\").\n\nUnfortunately, in that commit I used the \u0027hdr\u0027 variable without\nit being necessarily valid, so use-after-free could occur if it\nwas necessary to reallocate (parts of) the frame.\n\nFix this by reloading the variable after the code that results\nin the reallocations, if any.\n\nThis fixes https://bugzilla.kernel.org/show_bug.cgi?id=214401.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47388",
"url": "https://www.suse.com/security/cve/CVE-2021-47388"
},
{
"category": "external",
"summary": "SUSE Bug 1225214 for CVE-2021-47388",
"url": "https://bugzilla.suse.com/1225214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47388"
},
{
"cve": "CVE-2021-47389",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47389"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: fix missing sev_decommission in sev_receive_start\n\nDECOMMISSION the current SEV context if binding an ASID fails after\nRECEIVE_START. Per AMD\u0027s SEV API, RECEIVE_START generates a new guest\ncontext and thus needs to be paired with DECOMMISSION:\n\n The RECEIVE_START command is the only command other than the LAUNCH_START\n command that generates a new guest context and guest handle.\n\nThe missing DECOMMISSION can result in subsequent SEV launch failures,\nas the firmware leaks memory and might not able to allocate more SEV\nguest contexts in the future.\n\nNote, LAUNCH_START suffered the same bug, but was previously fixed by\ncommit 934002cd660b (\"KVM: SVM: Call SEV Guest Decommission if ASID\nbinding fails\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47389",
"url": "https://www.suse.com/security/cve/CVE-2021-47389"
},
{
"category": "external",
"summary": "SUSE Bug 1225126 for CVE-2021-47389",
"url": "https://bugzilla.suse.com/1225126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47389"
},
{
"cve": "CVE-2021-47390",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47390"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Fix stack-out-of-bounds memory access from ioapic_write_indirect()\n\nKASAN reports the following issue:\n\n BUG: KASAN: stack-out-of-bounds in kvm_make_vcpus_request_mask+0x174/0x440 [kvm]\n Read of size 8 at addr ffffc9001364f638 by task qemu-kvm/4798\n\n CPU: 0 PID: 4798 Comm: qemu-kvm Tainted: G X --------- ---\n Hardware name: AMD Corporation DAYTONA_X/DAYTONA_X, BIOS RYM0081C 07/13/2020\n Call Trace:\n dump_stack+0xa5/0xe6\n print_address_description.constprop.0+0x18/0x130\n ? kvm_make_vcpus_request_mask+0x174/0x440 [kvm]\n __kasan_report.cold+0x7f/0x114\n ? kvm_make_vcpus_request_mask+0x174/0x440 [kvm]\n kasan_report+0x38/0x50\n kasan_check_range+0xf5/0x1d0\n kvm_make_vcpus_request_mask+0x174/0x440 [kvm]\n kvm_make_scan_ioapic_request_mask+0x84/0xc0 [kvm]\n ? kvm_arch_exit+0x110/0x110 [kvm]\n ? sched_clock+0x5/0x10\n ioapic_write_indirect+0x59f/0x9e0 [kvm]\n ? static_obj+0xc0/0xc0\n ? __lock_acquired+0x1d2/0x8c0\n ? kvm_ioapic_eoi_inject_work+0x120/0x120 [kvm]\n\nThe problem appears to be that \u0027vcpu_bitmap\u0027 is allocated as a single long\non stack and it should really be KVM_MAX_VCPUS long. We also seem to clear\nthe lower 16 bits of it with bitmap_zero() for no particular reason (my\nguess would be that \u0027bitmap\u0027 and \u0027vcpu_bitmap\u0027 variables in\nkvm_bitmap_or_dest_vcpus() caused the confusion: while the later is indeed\n16-bit long, the later should accommodate all possible vCPUs).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47390",
"url": "https://www.suse.com/security/cve/CVE-2021-47390"
},
{
"category": "external",
"summary": "SUSE Bug 1225125 for CVE-2021-47390",
"url": "https://bugzilla.suse.com/1225125"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47390"
},
{
"cve": "CVE-2021-47391",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47391"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests\n\nThe FSM can run in a circle allowing rdma_resolve_ip() to be called twice\non the same id_priv. While this cannot happen without going through the\nwork, it violates the invariant that the same address resolution\nbackground request cannot be active twice.\n\n CPU 1 CPU 2\n\nrdma_resolve_addr():\n RDMA_CM_IDLE -\u003e RDMA_CM_ADDR_QUERY\n rdma_resolve_ip(addr_handler) #1\n\n\t\t\t process_one_req(): for #1\n addr_handler():\n RDMA_CM_ADDR_QUERY -\u003e RDMA_CM_ADDR_BOUND\n mutex_unlock(\u0026id_priv-\u003ehandler_mutex);\n [.. handler still running ..]\n\nrdma_resolve_addr():\n RDMA_CM_ADDR_BOUND -\u003e RDMA_CM_ADDR_QUERY\n rdma_resolve_ip(addr_handler)\n !! two requests are now on the req_list\n\nrdma_destroy_id():\n destroy_id_handler_unlock():\n _destroy_id():\n cma_cancel_operation():\n rdma_addr_cancel()\n\n // process_one_req() self removes it\n\t\t spin_lock_bh(\u0026lock);\n cancel_delayed_work(\u0026req-\u003ework);\n\t if (!list_empty(\u0026req-\u003elist)) == true\n\n ! rdma_addr_cancel() returns after process_on_req #1 is done\n\n kfree(id_priv)\n\n\t\t\t process_one_req(): for #2\n addr_handler():\n\t mutex_lock(\u0026id_priv-\u003ehandler_mutex);\n !! Use after free on id_priv\n\nrdma_addr_cancel() expects there to be one req on the list and only\ncancels the first one. The self-removal behavior of the work only happens\nafter the handler has returned. This yields a situations where the\nreq_list can have two reqs for the same \"handle\" but rdma_addr_cancel()\nonly cancels the first one.\n\nThe second req remains active beyond rdma_destroy_id() and will\nuse-after-free id_priv once it inevitably triggers.\n\nFix this by remembering if the id_priv has called rdma_resolve_ip() and\nalways cancel before calling it again. This ensures the req_list never\ngets more than one item in it and doesn\u0027t cost anything in the normal flow\nthat never uses this strange error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47391",
"url": "https://www.suse.com/security/cve/CVE-2021-47391"
},
{
"category": "external",
"summary": "SUSE Bug 1225318 for CVE-2021-47391",
"url": "https://bugzilla.suse.com/1225318"
},
{
"category": "external",
"summary": "SUSE Bug 1225319 for CVE-2021-47391",
"url": "https://bugzilla.suse.com/1225319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47391"
},
{
"cve": "CVE-2021-47392",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47392"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure\n\nIf cma_listen_on_all() fails it leaves the per-device ID still on the\nlisten_list but the state is not set to RDMA_CM_ADDR_BOUND.\n\nWhen the cmid is eventually destroyed cma_cancel_listens() is not called\ndue to the wrong state, however the per-device IDs are still holding the\nrefcount preventing the ID from being destroyed, thus deadlocking:\n\n task:rping state:D stack: 0 pid:19605 ppid: 47036 flags:0x00000084\n Call Trace:\n __schedule+0x29a/0x780\n ? free_unref_page_commit+0x9b/0x110\n schedule+0x3c/0xa0\n schedule_timeout+0x215/0x2b0\n ? __flush_work+0x19e/0x1e0\n wait_for_completion+0x8d/0xf0\n _destroy_id+0x144/0x210 [rdma_cm]\n ucma_close_id+0x2b/0x40 [rdma_ucm]\n __destroy_id+0x93/0x2c0 [rdma_ucm]\n ? __xa_erase+0x4a/0xa0\n ucma_destroy_id+0x9a/0x120 [rdma_ucm]\n ucma_write+0xb8/0x130 [rdma_ucm]\n vfs_write+0xb4/0x250\n ksys_write+0xb5/0xd0\n ? syscall_trace_enter.isra.19+0x123/0x190\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nEnsure that cma_listen_on_all() atomically unwinds its action under the\nlock during error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47392",
"url": "https://www.suse.com/security/cve/CVE-2021-47392"
},
{
"category": "external",
"summary": "SUSE Bug 1225320 for CVE-2021-47392",
"url": "https://bugzilla.suse.com/1225320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47392"
},
{
"cve": "CVE-2021-47393",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47393"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs\n\nFan speed minimum can be enforced from sysfs. For example, setting\ncurrent fan speed to 20 is used to enforce fan speed to be at 100%\nspeed, 19 - to be not below 90% speed, etcetera. This feature provides\nability to limit fan speed according to some system wise\nconsiderations, like absence of some replaceable units or high system\nambient temperature.\n\nRequest for changing fan minimum speed is configuration request and can\nbe set only through \u0027sysfs\u0027 write procedure. In this situation value of\nargument \u0027state\u0027 is above nominal fan speed maximum.\n\nReturn non-zero code in this case to avoid\nthermal_cooling_device_stats_update() call, because in this case\nstatistics update violates thermal statistics table range.\nThe issues is observed in case kernel is configured with option\nCONFIG_THERMAL_STATISTICS.\n\nHere is the trace from KASAN:\n[ 159.506659] BUG: KASAN: slab-out-of-bounds in thermal_cooling_device_stats_update+0x7d/0xb0\n[ 159.516016] Read of size 4 at addr ffff888116163840 by task hw-management.s/7444\n[ 159.545625] Call Trace:\n[ 159.548366] dump_stack+0x92/0xc1\n[ 159.552084] ? thermal_cooling_device_stats_update+0x7d/0xb0\n[ 159.635869] thermal_zone_device_update+0x345/0x780\n[ 159.688711] thermal_zone_device_set_mode+0x7d/0xc0\n[ 159.694174] mlxsw_thermal_modules_init+0x48f/0x590 [mlxsw_core]\n[ 159.700972] ? mlxsw_thermal_set_cur_state+0x5a0/0x5a0 [mlxsw_core]\n[ 159.731827] mlxsw_thermal_init+0x763/0x880 [mlxsw_core]\n[ 160.070233] RIP: 0033:0x7fd995909970\n[ 160.074239] Code: 73 01 c3 48 8b 0d 28 d5 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 99 2d 2c 00 00 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ..\n[ 160.095242] RSP: 002b:00007fff54f5d938 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 160.103722] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 00007fd995909970\n[ 160.111710] RDX: 0000000000000013 RSI: 0000000001906008 RDI: 0000000000000001\n[ 160.119699] RBP: 0000000001906008 R08: 00007fd995bc9760 R09: 00007fd996210700\n[ 160.127687] R10: 0000000000000073 R11: 0000000000000246 R12: 0000000000000013\n[ 160.135673] R13: 0000000000000001 R14: 00007fd995bc8600 R15: 0000000000000013\n[ 160.143671]\n[ 160.145338] Allocated by task 2924:\n[ 160.149242] kasan_save_stack+0x19/0x40\n[ 160.153541] __kasan_kmalloc+0x7f/0xa0\n[ 160.157743] __kmalloc+0x1a2/0x2b0\n[ 160.161552] thermal_cooling_device_setup_sysfs+0xf9/0x1a0\n[ 160.167687] __thermal_cooling_device_register+0x1b5/0x500\n[ 160.173833] devm_thermal_of_cooling_device_register+0x60/0xa0\n[ 160.180356] mlxreg_fan_probe+0x474/0x5e0 [mlxreg_fan]\n[ 160.248140]\n[ 160.249807] The buggy address belongs to the object at ffff888116163400\n[ 160.249807] which belongs to the cache kmalloc-1k of size 1024\n[ 160.263814] The buggy address is located 64 bytes to the right of\n[ 160.263814] 1024-byte region [ffff888116163400, ffff888116163800)\n[ 160.277536] The buggy address belongs to the page:\n[ 160.282898] page:0000000012275840 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888116167000 pfn:0x116160\n[ 160.294872] head:0000000012275840 order:3 compound_mapcount:0 compound_pincount:0\n[ 160.303251] flags: 0x200000000010200(slab|head|node=0|zone=2)\n[ 160.309694] raw: 0200000000010200 ffffea00046f7208 ffffea0004928208 ffff88810004dbc0\n[ 160.318367] raw: ffff888116167000 00000000000a0006 00000001ffffffff 0000000000000000\n[ 160.327033] page dumped because: kasan: bad access detected\n[ 160.333270]\n[ 160.334937] Memory state around the buggy address:\n[ 160.356469] \u003effff888116163800: fc ..",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47393",
"url": "https://www.suse.com/security/cve/CVE-2021-47393"
},
{
"category": "external",
"summary": "SUSE Bug 1225321 for CVE-2021-47393",
"url": "https://bugzilla.suse.com/1225321"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47393"
},
{
"cve": "CVE-2021-47394",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47394"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: unlink table before deleting it\n\nsyzbot reports following UAF:\nBUG: KASAN: use-after-free in memcmp+0x18f/0x1c0 lib/string.c:955\n nla_strcmp+0xf2/0x130 lib/nlattr.c:836\n nft_table_lookup.part.0+0x1a2/0x460 net/netfilter/nf_tables_api.c:570\n nft_table_lookup net/netfilter/nf_tables_api.c:4064 [inline]\n nf_tables_getset+0x1b3/0x860 net/netfilter/nf_tables_api.c:4064\n nfnetlink_rcv_msg+0x659/0x13f0 net/netfilter/nfnetlink.c:285\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2504\n\nProblem is that all get operations are lockless, so the commit_mutex\nheld by nft_rcv_nl_event() isn\u0027t enough to stop a parallel GET request\nfrom doing read-accesses to the table object even after synchronize_rcu().\n\nTo avoid this, unlink the table first and store the table objects in\non-stack scratch space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47394",
"url": "https://www.suse.com/security/cve/CVE-2021-47394"
},
{
"category": "external",
"summary": "SUSE Bug 1225323 for CVE-2021-47394",
"url": "https://bugzilla.suse.com/1225323"
},
{
"category": "external",
"summary": "SUSE Bug 1227906 for CVE-2021-47394",
"url": "https://bugzilla.suse.com/1227906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47394"
},
{
"cve": "CVE-2021-47395",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47395"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap\n\nLimit max values for vht mcs and nss in ieee80211_parse_tx_radiotap\nroutine in order to fix the following warning reported by syzbot:\n\nWARNING: CPU: 0 PID: 10717 at include/net/mac80211.h:989 ieee80211_rate_set_vht include/net/mac80211.h:989 [inline]\nWARNING: CPU: 0 PID: 10717 at include/net/mac80211.h:989 ieee80211_parse_tx_radiotap+0x101e/0x12d0 net/mac80211/tx.c:2244\nModules linked in:\nCPU: 0 PID: 10717 Comm: syz-executor.5 Not tainted 5.14.0-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:ieee80211_rate_set_vht include/net/mac80211.h:989 [inline]\nRIP: 0010:ieee80211_parse_tx_radiotap+0x101e/0x12d0 net/mac80211/tx.c:2244\nRSP: 0018:ffffc9000186f3e8 EFLAGS: 00010216\nRAX: 0000000000000618 RBX: ffff88804ef76500 RCX: ffffc900143a5000\nRDX: 0000000000040000 RSI: ffffffff888f478e RDI: 0000000000000003\nRBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000100\nR10: ffffffff888f46f9 R11: 0000000000000000 R12: 00000000fffffff8\nR13: ffff88804ef7653c R14: 0000000000000001 R15: 0000000000000004\nFS: 00007fbf5718f700(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000001b2de23000 CR3: 000000006a671000 CR4: 00000000001506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600\nCall Trace:\n ieee80211_monitor_select_queue+0xa6/0x250 net/mac80211/iface.c:740\n netdev_core_pick_tx+0x169/0x2e0 net/core/dev.c:4089\n __dev_queue_xmit+0x6f9/0x3710 net/core/dev.c:4165\n __bpf_tx_skb net/core/filter.c:2114 [inline]\n __bpf_redirect_no_mac net/core/filter.c:2139 [inline]\n __bpf_redirect+0x5ba/0xd20 net/core/filter.c:2162\n ____bpf_clone_redirect net/core/filter.c:2429 [inline]\n bpf_clone_redirect+0x2ae/0x420 net/core/filter.c:2401\n bpf_prog_eeb6f53a69e5c6a2+0x59/0x234\n bpf_dispatcher_nop_func include/linux/bpf.h:717 [inline]\n __bpf_prog_run include/linux/filter.h:624 [inline]\n bpf_prog_run include/linux/filter.h:631 [inline]\n bpf_test_run+0x381/0xa30 net/bpf/test_run.c:119\n bpf_prog_test_run_skb+0xb84/0x1ee0 net/bpf/test_run.c:663\n bpf_prog_test_run kernel/bpf/syscall.c:3307 [inline]\n __sys_bpf+0x2137/0x5df0 kernel/bpf/syscall.c:4605\n __do_sys_bpf kernel/bpf/syscall.c:4691 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:4689 [inline]\n __x64_sys_bpf+0x75/0xb0 kernel/bpf/syscall.c:4689\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x4665f9",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47395",
"url": "https://www.suse.com/security/cve/CVE-2021-47395"
},
{
"category": "external",
"summary": "SUSE Bug 1225326 for CVE-2021-47395",
"url": "https://bugzilla.suse.com/1225326"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47395"
},
{
"cve": "CVE-2021-47396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211-hwsim: fix late beacon hrtimer handling\n\nThomas explained in https://lore.kernel.org/r/87mtoeb4hb.ffs@tglx\nthat our handling of the hrtimer here is wrong: If the timer fires\nlate (e.g. due to vCPU scheduling, as reported by Dmitry/syzbot)\nthen it tries to actually rearm the timer at the next deadline,\nwhich might be in the past already:\n\n 1 2 3 N N+1\n | | | ... | |\n\n ^ intended to fire here (1)\n ^ next deadline here (2)\n ^ actually fired here\n\nThe next time it fires, it\u0027s later, but will still try to schedule\nfor the next deadline (now 3), etc. until it catches up with N,\nbut that might take a long time, causing stalls etc.\n\nNow, all of this is simulation, so we just have to fix it, but\nnote that the behaviour is wrong even per spec, since there\u0027s no\nvalue then in sending all those beacons unaligned - they should be\naligned to the TBTT (1, 2, 3, ... in the picture), and if we\u0027re a\nbit (or a lot) late, then just resume at that point.\n\nTherefore, change the code to use hrtimer_forward_now() which will\nensure that the next firing of the timer would be at N+1 (in the\npicture), i.e. the next interval point after the current time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47396",
"url": "https://www.suse.com/security/cve/CVE-2021-47396"
},
{
"category": "external",
"summary": "SUSE Bug 1225327 for CVE-2021-47396",
"url": "https://bugzilla.suse.com/1225327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47396"
},
{
"cve": "CVE-2021-47397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47397"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb\n\nWe should always check if skb_header_pointer\u0027s return is NULL before\nusing it, otherwise it may cause null-ptr-deref, as syzbot reported:\n\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n RIP: 0010:sctp_rcv_ootb net/sctp/input.c:705 [inline]\n RIP: 0010:sctp_rcv+0x1d84/0x3220 net/sctp/input.c:196\n Call Trace:\n \u003cIRQ\u003e\n sctp6_rcv+0x38/0x60 net/sctp/ipv6.c:1109\n ip6_protocol_deliver_rcu+0x2e9/0x1ca0 net/ipv6/ip6_input.c:422\n ip6_input_finish+0x62/0x170 net/ipv6/ip6_input.c:463\n NF_HOOK include/linux/netfilter.h:307 [inline]\n NF_HOOK include/linux/netfilter.h:301 [inline]\n ip6_input+0x9c/0xd0 net/ipv6/ip6_input.c:472\n dst_input include/net/dst.h:460 [inline]\n ip6_rcv_finish net/ipv6/ip6_input.c:76 [inline]\n NF_HOOK include/linux/netfilter.h:307 [inline]\n NF_HOOK include/linux/netfilter.h:301 [inline]\n ipv6_rcv+0x28c/0x3c0 net/ipv6/ip6_input.c:297",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47397",
"url": "https://www.suse.com/security/cve/CVE-2021-47397"
},
{
"category": "external",
"summary": "SUSE Bug 1225082 for CVE-2021-47397",
"url": "https://bugzilla.suse.com/1225082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47397"
},
{
"cve": "CVE-2021-47398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hfi1: Fix kernel pointer leak\n\nPointers should be printed with %p or %px rather than cast to \u0027unsigned\nlong long\u0027 and printed with %llx. Change %llx to %p to print the secured\npointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47398",
"url": "https://www.suse.com/security/cve/CVE-2021-47398"
},
{
"category": "external",
"summary": "SUSE Bug 1225131 for CVE-2021-47398",
"url": "https://bugzilla.suse.com/1225131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2021-47398"
},
{
"cve": "CVE-2021-47399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47399"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup\n\nThe ixgbe driver currently generates a NULL pointer dereference with\nsome machine (online cpus \u003c 63). This is due to the fact that the\nmaximum value of num_xdp_queues is nr_cpu_ids. Code is in\n\"ixgbe_set_rss_queues\"\".\n\nHere\u0027s how the problem repeats itself:\nSome machine (online cpus \u003c 63), And user set num_queues to 63 through\nethtool. Code is in the \"ixgbe_set_channels\",\n\tadapter-\u003ering_feature[RING_F_FDIR].limit = count;\n\nIt becomes 63.\n\nWhen user use xdp, \"ixgbe_set_rss_queues\" will set queues num.\n\tadapter-\u003enum_rx_queues = rss_i;\n\tadapter-\u003enum_tx_queues = rss_i;\n\tadapter-\u003enum_xdp_queues = ixgbe_xdp_queues(adapter);\n\nAnd rss_i\u0027s value is from\n\tf = \u0026adapter-\u003ering_feature[RING_F_FDIR];\n\trss_i = f-\u003eindices = f-\u003elimit;\n\nSo \"num_rx_queues\" \u003e \"num_xdp_queues\", when run to \"ixgbe_xdp_setup\",\n\tfor (i = 0; i \u003c adapter-\u003enum_rx_queues; i++)\n\t\tif (adapter-\u003exdp_ring[i]-\u003exsk_umem)\n\nIt leads to panic.\n\nCall trace:\n[exception RIP: ixgbe_xdp+368]\nRIP: ffffffffc02a76a0 RSP: ffff9fe16202f8d0 RFLAGS: 00010297\nRAX: 0000000000000000 RBX: 0000000000000020 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 000000000000001c RDI: ffffffffa94ead90\nRBP: ffff92f8f24c0c18 R8: 0000000000000000 R9: 0000000000000000\nR10: ffff9fe16202f830 R11: 0000000000000000 R12: ffff92f8f24c0000\nR13: ffff9fe16202fc01 R14: 000000000000000a R15: ffffffffc02a7530\nORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n 7 [ffff9fe16202f8f0] dev_xdp_install at ffffffffa89fbbcc\n 8 [ffff9fe16202f920] dev_change_xdp_fd at ffffffffa8a08808\n 9 [ffff9fe16202f960] do_setlink at ffffffffa8a20235\n10 [ffff9fe16202fa88] rtnl_setlink at ffffffffa8a20384\n11 [ffff9fe16202fc78] rtnetlink_rcv_msg at ffffffffa8a1a8dd\n12 [ffff9fe16202fcf0] netlink_rcv_skb at ffffffffa8a717eb\n13 [ffff9fe16202fd40] netlink_unicast at ffffffffa8a70f88\n14 [ffff9fe16202fd80] netlink_sendmsg at ffffffffa8a71319\n15 [ffff9fe16202fdf0] sock_sendmsg at ffffffffa89df290\n16 [ffff9fe16202fe08] __sys_sendto at ffffffffa89e19c8\n17 [ffff9fe16202ff30] __x64_sys_sendto at ffffffffa89e1a64\n18 [ffff9fe16202ff38] do_syscall_64 at ffffffffa84042b9\n19 [ffff9fe16202ff50] entry_SYSCALL_64_after_hwframe at ffffffffa8c0008c\n\nSo I fix ixgbe_max_channels so that it will not allow a setting of queues\nto be higher than the num_online_cpus(). And when run to ixgbe_xdp_setup,\ntake the smaller value of num_rx_queues and num_xdp_queues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47399",
"url": "https://www.suse.com/security/cve/CVE-2021-47399"
},
{
"category": "external",
"summary": "SUSE Bug 1225328 for CVE-2021-47399",
"url": "https://bugzilla.suse.com/1225328"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47399"
},
{
"cve": "CVE-2021-47400",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47400"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: do not allow call hns3_nic_net_open repeatedly\n\nhns3_nic_net_open() is not allowed to called repeatly, but there\nis no checking for this. When doing device reset and setup tc\nconcurrently, there is a small oppotunity to call hns3_nic_net_open\nrepeatedly, and cause kernel bug by calling napi_enable twice.\n\nThe calltrace information is like below:\n[ 3078.222780] ------------[ cut here ]------------\n[ 3078.230255] kernel BUG at net/core/dev.c:6991!\n[ 3078.236224] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP\n[ 3078.243431] Modules linked in: hns3 hclgevf hclge hnae3 vfio_iommu_type1 vfio_pci vfio_virqfd vfio pv680_mii(O)\n[ 3078.258880] CPU: 0 PID: 295 Comm: kworker/u8:5 Tainted: G O 5.14.0-rc4+ #1\n[ 3078.269102] Hardware name: , BIOS KpxxxFPGA 1P B600 V181 08/12/2021\n[ 3078.276801] Workqueue: hclge hclge_service_task [hclge]\n[ 3078.288774] pstate: 60400009 (nZCv daif +PAN -UAO -TCO BTYPE=--)\n[ 3078.296168] pc : napi_enable+0x80/0x84\ntc qdisc sho[w 3d0e7v8 .e3t0h218 79] lr : hns3_nic_net_open+0x138/0x510 [hns3]\n\n[ 3078.314771] sp : ffff8000108abb20\n[ 3078.319099] x29: ffff8000108abb20 x28: 0000000000000000 x27: ffff0820a8490300\n[ 3078.329121] x26: 0000000000000001 x25: ffff08209cfc6200 x24: 0000000000000000\n[ 3078.339044] x23: ffff0820a8490300 x22: ffff08209cd76000 x21: ffff0820abfe3880\n[ 3078.349018] x20: 0000000000000000 x19: ffff08209cd76900 x18: 0000000000000000\n[ 3078.358620] x17: 0000000000000000 x16: ffffc816e1727a50 x15: 0000ffff8f4ff930\n[ 3078.368895] x14: 0000000000000000 x13: 0000000000000000 x12: 0000259e9dbeb6b4\n[ 3078.377987] x11: 0096a8f7e764eb40 x10: 634615ad28d3eab5 x9 : ffffc816ad8885b8\n[ 3078.387091] x8 : ffff08209cfc6fb8 x7 : ffff0820ac0da058 x6 : ffff0820a8490344\n[ 3078.396356] x5 : 0000000000000140 x4 : 0000000000000003 x3 : ffff08209cd76938\n[ 3078.405365] x2 : 0000000000000000 x1 : 0000000000000010 x0 : ffff0820abfe38a0\n[ 3078.414657] Call trace:\n[ 3078.418517] napi_enable+0x80/0x84\n[ 3078.424626] hns3_reset_notify_up_enet+0x78/0xd0 [hns3]\n[ 3078.433469] hns3_reset_notify+0x64/0x80 [hns3]\n[ 3078.441430] hclge_notify_client+0x68/0xb0 [hclge]\n[ 3078.450511] hclge_reset_rebuild+0x524/0x884 [hclge]\n[ 3078.458879] hclge_reset_service_task+0x3c4/0x680 [hclge]\n[ 3078.467470] hclge_service_task+0xb0/0xb54 [hclge]\n[ 3078.475675] process_one_work+0x1dc/0x48c\n[ 3078.481888] worker_thread+0x15c/0x464\n[ 3078.487104] kthread+0x160/0x170\n[ 3078.492479] ret_from_fork+0x10/0x18\n[ 3078.498785] Code: c8027c81 35ffffa2 d50323bf d65f03c0 (d4210000)\n[ 3078.506889] ---[ end trace 8ebe0340a1b0fb44 ]---\n\nOnce hns3_nic_net_open() is excute success, the flag\nHNS3_NIC_STATE_DOWN will be cleared. So add checking for this\nflag, directly return when HNS3_NIC_STATE_DOWN is no set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47400",
"url": "https://www.suse.com/security/cve/CVE-2021-47400"
},
{
"category": "external",
"summary": "SUSE Bug 1225329 for CVE-2021-47400",
"url": "https://bugzilla.suse.com/1225329"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47400"
},
{
"cve": "CVE-2021-47401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47401"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipack: ipoctal: fix stack information leak\n\nThe tty driver name is used also after registering the driver and must\nspecifically not be allocated on the stack to avoid leaking information\nto user space (or triggering an oops).\n\nDrivers should not try to encode topology information in the tty device\nname but this one snuck in through staging without anyone noticing and\nanother driver has since copied this malpractice.\n\nFixing the ABI is a separate issue, but this at least plugs the security\nhole.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47401",
"url": "https://www.suse.com/security/cve/CVE-2021-47401"
},
{
"category": "external",
"summary": "SUSE Bug 1225242 for CVE-2021-47401",
"url": "https://bugzilla.suse.com/1225242"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47401"
},
{
"cve": "CVE-2021-47402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47402"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: flower: protect fl_walk() with rcu\n\nPatch that refactored fl_walk() to use idr_for_each_entry_continue_ul()\nalso removed rcu protection of individual filters which causes following\nuse-after-free when filter is deleted concurrently. Fix fl_walk() to obtain\nrcu read lock while iterating and taking the filter reference and temporary\nrelease the lock while calling arg-\u003efn() callback that can sleep.\n\nKASAN trace:\n\n[ 352.773640] ==================================================================\n[ 352.775041] BUG: KASAN: use-after-free in fl_walk+0x159/0x240 [cls_flower]\n[ 352.776304] Read of size 4 at addr ffff8881c8251480 by task tc/2987\n\n[ 352.777862] CPU: 3 PID: 2987 Comm: tc Not tainted 5.15.0-rc2+ #2\n[ 352.778980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 352.781022] Call Trace:\n[ 352.781573] dump_stack_lvl+0x46/0x5a\n[ 352.782332] print_address_description.constprop.0+0x1f/0x140\n[ 352.783400] ? fl_walk+0x159/0x240 [cls_flower]\n[ 352.784292] ? fl_walk+0x159/0x240 [cls_flower]\n[ 352.785138] kasan_report.cold+0x83/0xdf\n[ 352.785851] ? fl_walk+0x159/0x240 [cls_flower]\n[ 352.786587] kasan_check_range+0x145/0x1a0\n[ 352.787337] fl_walk+0x159/0x240 [cls_flower]\n[ 352.788163] ? fl_put+0x10/0x10 [cls_flower]\n[ 352.789007] ? __mutex_unlock_slowpath.constprop.0+0x220/0x220\n[ 352.790102] tcf_chain_dump+0x231/0x450\n[ 352.790878] ? tcf_chain_tp_delete_empty+0x170/0x170\n[ 352.791833] ? __might_sleep+0x2e/0xc0\n[ 352.792594] ? tfilter_notify+0x170/0x170\n[ 352.793400] ? __mutex_unlock_slowpath.constprop.0+0x220/0x220\n[ 352.794477] tc_dump_tfilter+0x385/0x4b0\n[ 352.795262] ? tc_new_tfilter+0x1180/0x1180\n[ 352.796103] ? __mod_node_page_state+0x1f/0xc0\n[ 352.796974] ? __build_skb_around+0x10e/0x130\n[ 352.797826] netlink_dump+0x2c0/0x560\n[ 352.798563] ? netlink_getsockopt+0x430/0x430\n[ 352.799433] ? __mutex_unlock_slowpath.constprop.0+0x220/0x220\n[ 352.800542] __netlink_dump_start+0x356/0x440\n[ 352.801397] rtnetlink_rcv_msg+0x3ff/0x550\n[ 352.802190] ? tc_new_tfilter+0x1180/0x1180\n[ 352.802872] ? rtnl_calcit.isra.0+0x1f0/0x1f0\n[ 352.803668] ? tc_new_tfilter+0x1180/0x1180\n[ 352.804344] ? _copy_from_iter_nocache+0x800/0x800\n[ 352.805202] ? kasan_set_track+0x1c/0x30\n[ 352.805900] netlink_rcv_skb+0xc6/0x1f0\n[ 352.806587] ? rht_deferred_worker+0x6b0/0x6b0\n[ 352.807455] ? rtnl_calcit.isra.0+0x1f0/0x1f0\n[ 352.808324] ? netlink_ack+0x4d0/0x4d0\n[ 352.809086] ? netlink_deliver_tap+0x62/0x3d0\n[ 352.809951] netlink_unicast+0x353/0x480\n[ 352.810744] ? netlink_attachskb+0x430/0x430\n[ 352.811586] ? __alloc_skb+0xd7/0x200\n[ 352.812349] netlink_sendmsg+0x396/0x680\n[ 352.813132] ? netlink_unicast+0x480/0x480\n[ 352.813952] ? __import_iovec+0x192/0x210\n[ 352.814759] ? netlink_unicast+0x480/0x480\n[ 352.815580] sock_sendmsg+0x6c/0x80\n[ 352.816299] ____sys_sendmsg+0x3a5/0x3c0\n[ 352.817096] ? kernel_sendmsg+0x30/0x30\n[ 352.817873] ? __ia32_sys_recvmmsg+0x150/0x150\n[ 352.818753] ___sys_sendmsg+0xd8/0x140\n[ 352.819518] ? sendmsg_copy_msghdr+0x110/0x110\n[ 352.820402] ? ___sys_recvmsg+0xf4/0x1a0\n[ 352.821110] ? __copy_msghdr_from_user+0x260/0x260\n[ 352.821934] ? _raw_spin_lock+0x81/0xd0\n[ 352.822680] ? __handle_mm_fault+0xef3/0x1b20\n[ 352.823549] ? rb_insert_color+0x2a/0x270\n[ 352.824373] ? copy_page_range+0x16b0/0x16b0\n[ 352.825209] ? perf_event_update_userpage+0x2d0/0x2d0\n[ 352.826190] ? __fget_light+0xd9/0xf0\n[ 352.826941] __sys_sendmsg+0xb3/0x130\n[ 352.827613] ? __sys_sendmsg_sock+0x20/0x20\n[ 352.828377] ? do_user_addr_fault+0x2c5/0x8a0\n[ 352.829184] ? fpregs_assert_state_consistent+0x52/0x60\n[ 352.830001] ? exit_to_user_mode_prepare+0x32/0x160\n[ 352.830845] do_syscall_64+0x35/0x80\n[ 352.831445] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 352.832331] RIP: 0033:0x7f7bee973c17\n[ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47402",
"url": "https://www.suse.com/security/cve/CVE-2021-47402"
},
{
"category": "external",
"summary": "SUSE Bug 1225301 for CVE-2021-47402",
"url": "https://bugzilla.suse.com/1225301"
},
{
"category": "external",
"summary": "SUSE Bug 1225302 for CVE-2021-47402",
"url": "https://bugzilla.suse.com/1225302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47402"
},
{
"cve": "CVE-2021-47403",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47403"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipack: ipoctal: fix module reference leak\n\nA reference to the carrier module was taken on every open but was only\nreleased once when the final reference to the tty struct was dropped.\n\nFix this by taking the module reference and initialising the tty driver\ndata when installing the tty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47403",
"url": "https://www.suse.com/security/cve/CVE-2021-47403"
},
{
"category": "external",
"summary": "SUSE Bug 1225241 for CVE-2021-47403",
"url": "https://bugzilla.suse.com/1225241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47403"
},
{
"cve": "CVE-2021-47404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47404"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: betop: fix slab-out-of-bounds Write in betop_probe\n\nSyzbot reported slab-out-of-bounds Write bug in hid-betopff driver.\nThe problem is the driver assumes the device must have an input report but\nsome malicious devices violate this assumption.\n\nSo this patch checks hid_device\u0027s input is non empty before it\u0027s been used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47404",
"url": "https://www.suse.com/security/cve/CVE-2021-47404"
},
{
"category": "external",
"summary": "SUSE Bug 1225303 for CVE-2021-47404",
"url": "https://bugzilla.suse.com/1225303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47404"
},
{
"cve": "CVE-2021-47405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47405"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: usbhid: free raw_report buffers in usbhid_stop\n\nFree the unsent raw_report buffers when the device is removed.\n\nFixes a memory leak reported by syzbot at:\nhttps://syzkaller.appspot.com/bug?id=7b4fa7cb1a7c2d3342a2a8a6c53371c8c418ab47",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47405",
"url": "https://www.suse.com/security/cve/CVE-2021-47405"
},
{
"category": "external",
"summary": "SUSE Bug 1225238 for CVE-2021-47405",
"url": "https://bugzilla.suse.com/1225238"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47405"
},
{
"cve": "CVE-2021-47406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47406"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: add error checking to ext4_ext_replay_set_iblocks()\n\nIf the call to ext4_map_blocks() fails due to an corrupted file\nsystem, ext4_ext_replay_set_iblocks() can get stuck in an infinite\nloop. This could be reproduced by running generic/526 with a file\nsystem that has inline_data and fast_commit enabled. The system will\nrepeatedly log to the console:\n\nEXT4-fs warning (device dm-3): ext4_block_to_path:105: block 1074800922 \u003e max in inode 131076\n\nand the stack that it gets stuck in is:\n\n ext4_block_to_path+0xe3/0x130\n ext4_ind_map_blocks+0x93/0x690\n ext4_map_blocks+0x100/0x660\n skip_hole+0x47/0x70\n ext4_ext_replay_set_iblocks+0x223/0x440\n ext4_fc_replay_inode+0x29e/0x3b0\n ext4_fc_replay+0x278/0x550\n do_one_pass+0x646/0xc10\n jbd2_journal_recover+0x14a/0x270\n jbd2_journal_load+0xc4/0x150\n ext4_load_journal+0x1f3/0x490\n ext4_fill_super+0x22d4/0x2c00\n\nWith this patch, generic/526 still fails, but system is no longer\nlocking up in a tight loop. It\u0027s likely the root casue is that\nfast_commit replay is corrupting file systems with inline_data, and we\nprobably need to add better error handling in the fast commit replay\ncode path beyond what is done here, which essentially just breaks the\ninfinite loop without reporting the to the higher levels of the code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47406",
"url": "https://www.suse.com/security/cve/CVE-2021-47406"
},
{
"category": "external",
"summary": "SUSE Bug 1225304 for CVE-2021-47406",
"url": "https://bugzilla.suse.com/1225304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47406"
},
{
"cve": "CVE-2021-47407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47407"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Handle SRCU initialization failure during page track init\n\nCheck the return of init_srcu_struct(), which can fail due to OOM, when\ninitializing the page track mechanism. Lack of checking leads to a NULL\npointer deref found by a modified syzkaller.\n\n[Move the call towards the beginning of kvm_arch_init_vm. - Paolo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47407",
"url": "https://www.suse.com/security/cve/CVE-2021-47407"
},
{
"category": "external",
"summary": "SUSE Bug 1225306 for CVE-2021-47407",
"url": "https://bugzilla.suse.com/1225306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47407"
},
{
"cve": "CVE-2021-47408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: serialize hash resizes and cleanups\n\nSyzbot was able to trigger the following warning [1]\n\nNo repro found by syzbot yet but I was able to trigger similar issue\nby having 2 scripts running in parallel, changing conntrack hash sizes,\nand:\n\nfor j in `seq 1 1000` ; do unshare -n /bin/true \u003e/dev/null ; done\n\nIt would take more than 5 minutes for net_namespace structures\nto be cleaned up.\n\nThis is because nf_ct_iterate_cleanup() has to restart everytime\na resize happened.\n\nBy adding a mutex, we can serialize hash resizes and cleanups\nand also make get_next_corpse() faster by skipping over empty\nbuckets.\n\nEven without resizes in the picture, this patch considerably\nspeeds up network namespace dismantles.\n\n[1]\nINFO: task syz-executor.0:8312 can\u0027t die for more than 144 seconds.\ntask:syz-executor.0 state:R running task stack:25672 pid: 8312 ppid: 6573 flags:0x00004006\nCall Trace:\n context_switch kernel/sched/core.c:4955 [inline]\n __schedule+0x940/0x26f0 kernel/sched/core.c:6236\n preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6408\n preempt_schedule_thunk+0x16/0x18 arch/x86/entry/thunk_64.S:35\n __local_bh_enable_ip+0x109/0x120 kernel/softirq.c:390\n local_bh_enable include/linux/bottom_half.h:32 [inline]\n get_next_corpse net/netfilter/nf_conntrack_core.c:2252 [inline]\n nf_ct_iterate_cleanup+0x15a/0x450 net/netfilter/nf_conntrack_core.c:2275\n nf_conntrack_cleanup_net_list+0x14c/0x4f0 net/netfilter/nf_conntrack_core.c:2469\n ops_exit_list+0x10d/0x160 net/core/net_namespace.c:171\n setup_net+0x639/0xa30 net/core/net_namespace.c:349\n copy_net_ns+0x319/0x760 net/core/net_namespace.c:470\n create_new_namespaces+0x3f6/0xb20 kernel/nsproxy.c:110\n unshare_nsproxy_namespaces+0xc1/0x1f0 kernel/nsproxy.c:226\n ksys_unshare+0x445/0x920 kernel/fork.c:3128\n __do_sys_unshare kernel/fork.c:3202 [inline]\n __se_sys_unshare kernel/fork.c:3200 [inline]\n __x64_sys_unshare+0x2d/0x40 kernel/fork.c:3200\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f63da68e739\nRSP: 002b:00007f63d7c05188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110\nRAX: ffffffffffffffda RBX: 00007f63da792f80 RCX: 00007f63da68e739\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000\nRBP: 00007f63da6e8cc4 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f63da792f80\nR13: 00007fff50b75d3f R14: 00007f63d7c05300 R15: 0000000000022000\n\nShowing all locks held in the system:\n1 lock held by khungtaskd/27:\n #0: ffffffff8b980020 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6446\n2 locks held by kworker/u4:2/153:\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1198 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:634 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:661 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x896/0x1690 kernel/workqueue.c:2268\n #1: ffffc9000140fdb0 ((kfence_timer).work){+.+.}-{0:0}, at: process_one_work+0x8ca/0x1690 kernel/workqueue.c:2272\n1 lock held by systemd-udevd/2970:\n1 lock held by in:imklog/6258:\n #0: ffff88807f970ff0 (\u0026f-\u003ef_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 fs/file.c:990\n3 locks held by kworker/1:6/8158:\n1 lock held by syz-executor.0/8312:\n2 locks held by kworker/u4:13/9320:\n1 lock held by\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47408",
"url": "https://www.suse.com/security/cve/CVE-2021-47408"
},
{
"category": "external",
"summary": "SUSE Bug 1225236 for CVE-2021-47408",
"url": "https://bugzilla.suse.com/1225236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47408"
},
{
"cve": "CVE-2021-47409",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47409"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47409",
"url": "https://www.suse.com/security/cve/CVE-2021-47409"
},
{
"category": "external",
"summary": "SUSE Bug 1225330 for CVE-2021-47409",
"url": "https://bugzilla.suse.com/1225330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47409"
},
{
"cve": "CVE-2021-47410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47410"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: fix svm_migrate_fini warning\n\nDevice manager releases device-specific resources when a driver\ndisconnects from a device, devm_memunmap_pages and\ndevm_release_mem_region calls in svm_migrate_fini are redundant.\n\nIt causes below warning trace after patch \"drm/amdgpu: Split\namdgpu_device_fini into early and late\", so remove function\nsvm_migrate_fini.\n\nBUG: https://gitlab.freedesktop.org/drm/amd/-/issues/1718\n\nWARNING: CPU: 1 PID: 3646 at drivers/base/devres.c:795\ndevm_release_action+0x51/0x60\nCall Trace:\n ? memunmap_pages+0x360/0x360\n svm_migrate_fini+0x2d/0x60 [amdgpu]\n kgd2kfd_device_exit+0x23/0xa0 [amdgpu]\n amdgpu_amdkfd_device_fini_sw+0x1d/0x30 [amdgpu]\n amdgpu_device_fini_sw+0x45/0x290 [amdgpu]\n amdgpu_driver_release_kms+0x12/0x30 [amdgpu]\n drm_dev_release+0x20/0x40 [drm]\n release_nodes+0x196/0x1e0\n device_release_driver_internal+0x104/0x1d0\n driver_detach+0x47/0x90\n bus_remove_driver+0x7a/0xd0\n pci_unregister_driver+0x3d/0x90\n amdgpu_exit+0x11/0x20 [amdgpu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47410",
"url": "https://www.suse.com/security/cve/CVE-2021-47410"
},
{
"category": "external",
"summary": "SUSE Bug 1225331 for CVE-2021-47410",
"url": "https://bugzilla.suse.com/1225331"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47410"
},
{
"cve": "CVE-2021-47412",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47412"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t call rq_qos_ops-\u003edone_bio if the bio isn\u0027t tracked\n\nrq_qos framework is only applied on request based driver, so:\n\n1) rq_qos_done_bio() needn\u0027t to be called for bio based driver\n\n2) rq_qos_done_bio() needn\u0027t to be called for bio which isn\u0027t tracked,\nsuch as bios ended from error handling code.\n\nEspecially in bio_endio():\n\n1) request queue is referred via bio-\u003ebi_bdev-\u003ebd_disk-\u003equeue, which\nmay be gone since request queue refcount may not be held in above two\ncases\n\n2) q-\u003erq_qos may be freed in blk_cleanup_queue() when calling into\n__rq_qos_done_bio()\n\nFix the potential kernel panic by not calling rq_qos_ops-\u003edone_bio if\nthe bio isn\u0027t tracked. This way is safe because both ioc_rqos_done_bio()\nand blkcg_iolatency_done_bio() are nop if the bio isn\u0027t tracked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47412",
"url": "https://www.suse.com/security/cve/CVE-2021-47412"
},
{
"category": "external",
"summary": "SUSE Bug 1225332 for CVE-2021-47412",
"url": "https://bugzilla.suse.com/1225332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47412"
},
{
"cve": "CVE-2021-47413",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47413"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: chipidea: ci_hdrc_imx: Also search for \u0027phys\u0027 phandle\n\nWhen passing \u0027phys\u0027 in the devicetree to describe the USB PHY phandle\n(which is the recommended way according to\nDocumentation/devicetree/bindings/usb/ci-hdrc-usb2.txt) the\nfollowing NULL pointer dereference is observed on i.MX7 and i.MX8MM:\n\n[ 1.489344] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000098\n[ 1.498170] Mem abort info:\n[ 1.500966] ESR = 0x96000044\n[ 1.504030] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 1.509356] SET = 0, FnV = 0\n[ 1.512416] EA = 0, S1PTW = 0\n[ 1.515569] FSC = 0x04: level 0 translation fault\n[ 1.520458] Data abort info:\n[ 1.523349] ISV = 0, ISS = 0x00000044\n[ 1.527196] CM = 0, WnR = 1\n[ 1.530176] [0000000000000098] user address but active_mm is swapper\n[ 1.536544] Internal error: Oops: 96000044 [#1] PREEMPT SMP\n[ 1.542125] Modules linked in:\n[ 1.545190] CPU: 3 PID: 7 Comm: kworker/u8:0 Not tainted 5.14.0-dirty #3\n[ 1.551901] Hardware name: Kontron i.MX8MM N801X S (DT)\n[ 1.557133] Workqueue: events_unbound deferred_probe_work_func\n[ 1.562984] pstate: 80000005 (Nzcv daif -PAN -UAO -TCO BTYPE=--)\n[ 1.568998] pc : imx7d_charger_detection+0x3f0/0x510\n[ 1.573973] lr : imx7d_charger_detection+0x22c/0x510\n\nThis happens because the charger functions check for the phy presence\ninside the imx_usbmisc_data structure (data-\u003eusb_phy), but the chipidea\ncore populates the usb_phy passed via \u0027phys\u0027 inside \u0027struct ci_hdrc\u0027\n(ci-\u003eusb_phy) instead.\n\nThis causes the NULL pointer dereference inside imx7d_charger_detection().\n\nFix it by also searching for \u0027phys\u0027 in case \u0027fsl,usbphy\u0027 is not found.\n\nTested on a imx7s-warp board.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47413",
"url": "https://www.suse.com/security/cve/CVE-2021-47413"
},
{
"category": "external",
"summary": "SUSE Bug 1225333 for CVE-2021-47413",
"url": "https://bugzilla.suse.com/1225333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47413"
},
{
"cve": "CVE-2021-47414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: Flush current cpu icache before other cpus\n\nOn SiFive Unmatched, I recently fell onto the following BUG when booting:\n\n[ 0.000000] ftrace: allocating 36610 entries in 144 pages\n[ 0.000000] Oops - illegal instruction [#1]\n[ 0.000000] Modules linked in:\n[ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 5.13.1+ #5\n[ 0.000000] Hardware name: SiFive HiFive Unmatched A00 (DT)\n[ 0.000000] epc : riscv_cpuid_to_hartid_mask+0x6/0xae\n[ 0.000000] ra : __sbi_rfence_v02+0xc8/0x10a\n[ 0.000000] epc : ffffffff80007240 ra : ffffffff80009964 sp : ffffffff81803e10\n[ 0.000000] gp : ffffffff81a1ea70 tp : ffffffff8180f500 t0 : ffffffe07fe30000\n[ 0.000000] t1 : 0000000000000004 t2 : 0000000000000000 s0 : ffffffff81803e60\n[ 0.000000] s1 : 0000000000000000 a0 : ffffffff81a22238 a1 : ffffffff81803e10\n[ 0.000000] a2 : 0000000000000000 a3 : 0000000000000000 a4 : 0000000000000000\n[ 0.000000] a5 : 0000000000000000 a6 : ffffffff8000989c a7 : 0000000052464e43\n[ 0.000000] s2 : ffffffff81a220c8 s3 : 0000000000000000 s4 : 0000000000000000\n[ 0.000000] s5 : 0000000000000000 s6 : 0000000200000100 s7 : 0000000000000001\n[ 0.000000] s8 : ffffffe07fe04040 s9 : ffffffff81a22c80 s10: 0000000000001000\n[ 0.000000] s11: 0000000000000004 t3 : 0000000000000001 t4 : 0000000000000008\n[ 0.000000] t5 : ffffffcf04000808 t6 : ffffffe3ffddf188\n[ 0.000000] status: 0000000200000100 badaddr: 0000000000000000 cause: 0000000000000002\n[ 0.000000] [\u003cffffffff80007240\u003e] riscv_cpuid_to_hartid_mask+0x6/0xae\n[ 0.000000] [\u003cffffffff80009474\u003e] sbi_remote_fence_i+0x1e/0x26\n[ 0.000000] [\u003cffffffff8000b8f4\u003e] flush_icache_all+0x12/0x1a\n[ 0.000000] [\u003cffffffff8000666c\u003e] patch_text_nosync+0x26/0x32\n[ 0.000000] [\u003cffffffff8000884e\u003e] ftrace_init_nop+0x52/0x8c\n[ 0.000000] [\u003cffffffff800f051e\u003e] ftrace_process_locs.isra.0+0x29c/0x360\n[ 0.000000] [\u003cffffffff80a0e3c6\u003e] ftrace_init+0x80/0x130\n[ 0.000000] [\u003cffffffff80a00f8c\u003e] start_kernel+0x5c4/0x8f6\n[ 0.000000] ---[ end trace f67eb9af4d8d492b ]---\n[ 0.000000] Kernel panic - not syncing: Attempted to kill the idle task!\n[ 0.000000] ---[ end Kernel panic - not syncing: Attempted to kill the idle task! ]---\n\nWhile ftrace is looping over a list of addresses to patch, it always failed\nwhen patching the same function: riscv_cpuid_to_hartid_mask. Looking at the\nbacktrace, the illegal instruction is encountered in this same function.\nHowever, patch_text_nosync, after patching the instructions, calls\nflush_icache_range. But looking at what happens in this function:\n\nflush_icache_range -\u003e flush_icache_all\n -\u003e sbi_remote_fence_i\n -\u003e __sbi_rfence_v02\n -\u003e riscv_cpuid_to_hartid_mask\n\nThe icache and dcache of the current cpu are never synchronized between the\npatching of riscv_cpuid_to_hartid_mask and calling this same function.\n\nSo fix this by flushing the current cpu\u0027s icache before asking for the other\ncpus to do the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47414",
"url": "https://www.suse.com/security/cve/CVE-2021-47414"
},
{
"category": "external",
"summary": "SUSE Bug 1225334 for CVE-2021-47414",
"url": "https://bugzilla.suse.com/1225334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47414"
},
{
"cve": "CVE-2021-47415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47415"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: mvm: Fix possible NULL dereference\n\nIn __iwl_mvm_remove_time_event() check that \u0027te_data-\u003evif\u0027 is NULL\nbefore dereferencing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47415",
"url": "https://www.suse.com/security/cve/CVE-2021-47415"
},
{
"category": "external",
"summary": "SUSE Bug 1225335 for CVE-2021-47415",
"url": "https://bugzilla.suse.com/1225335"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47415"
},
{
"cve": "CVE-2021-47416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47416"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: mdio: fix memory leak\n\nSyzbot reported memory leak in MDIO bus interface, the problem was in\nwrong state logic.\n\nMDIOBUS_ALLOCATED indicates 2 states:\n\t1. Bus is only allocated\n\t2. Bus allocated and __mdiobus_register() fails, but\n\t device_register() was called\n\nIn case of device_register() has been called we should call put_device()\nto correctly free the memory allocated for this device, but mdiobus_free()\ncalls just kfree(dev) in case of MDIOBUS_ALLOCATED state\n\nTo avoid this behaviour we need to set bus-\u003estate to MDIOBUS_UNREGISTERED\n_before_ calling device_register(), because put_device() should be\ncalled even in case of device_register() failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47416",
"url": "https://www.suse.com/security/cve/CVE-2021-47416"
},
{
"category": "external",
"summary": "SUSE Bug 1225189 for CVE-2021-47416",
"url": "https://bugzilla.suse.com/1225189"
},
{
"category": "external",
"summary": "SUSE Bug 1225336 for CVE-2021-47416",
"url": "https://bugzilla.suse.com/1225336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2021-47416"
},
{
"cve": "CVE-2021-47417",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47417"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibbpf: Fix memory leak in strset\n\nFree struct strset itself, not just its internal parts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47417",
"url": "https://www.suse.com/security/cve/CVE-2021-47417"
},
{
"category": "external",
"summary": "SUSE Bug 1225227 for CVE-2021-47417",
"url": "https://bugzilla.suse.com/1225227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47417"
},
{
"cve": "CVE-2021-47418",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47418"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: fix NULL deref in fifo_set_limit()\n\nsyzbot reported another NULL deref in fifo_set_limit() [1]\n\nI could repro the issue with :\n\nunshare -n\ntc qd add dev lo root handle 1:0 tbf limit 200000 burst 70000 rate 100Mbit\ntc qd replace dev lo parent 1:0 pfifo_fast\ntc qd change dev lo root handle 1:0 tbf limit 300000 burst 70000 rate 100Mbit\n\npfifo_fast does not have a change() operation.\nMake fifo_set_limit() more robust about this.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 1cf99067 P4D 1cf99067 PUD 7ca49067 PMD 0\nOops: 0010 [#1] PREEMPT SMP KASAN\nCPU: 1 PID: 14443 Comm: syz-executor959 Not tainted 5.15.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\nRSP: 0018:ffffc9000e2f7310 EFLAGS: 00010246\nRAX: dffffc0000000000 RBX: ffffffff8d6ecc00 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffff888024c27910 RDI: ffff888071e34000\nRBP: ffff888071e34000 R08: 0000000000000001 R09: ffffffff8fcfb947\nR10: 0000000000000001 R11: 0000000000000000 R12: ffff888024c27910\nR13: ffff888071e34018 R14: 0000000000000000 R15: ffff88801ef74800\nFS: 00007f321d897700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 00000000722c3000 CR4: 00000000003506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n fifo_set_limit net/sched/sch_fifo.c:242 [inline]\n fifo_set_limit+0x198/0x210 net/sched/sch_fifo.c:227\n tbf_change+0x6ec/0x16d0 net/sched/sch_tbf.c:418\n qdisc_change net/sched/sch_api.c:1332 [inline]\n tc_modify_qdisc+0xd9a/0x1a60 net/sched/sch_api.c:1634\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5572\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2504\n netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1340\n netlink_sendmsg+0x86d/0xdb0 net/netlink/af_netlink.c:1929\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47418",
"url": "https://www.suse.com/security/cve/CVE-2021-47418"
},
{
"category": "external",
"summary": "SUSE Bug 1225337 for CVE-2021-47418",
"url": "https://bugzilla.suse.com/1225337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47418"
},
{
"cve": "CVE-2021-47419",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47419"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_taprio: properly cancel timer from taprio_destroy()\n\nThere is a comment in qdisc_create() about us not calling ops-\u003ereset()\nin some cases.\n\nerr_out4:\n\t/*\n\t * Any broken qdiscs that would require a ops-\u003ereset() here?\n\t * The qdisc was never in action so it shouldn\u0027t be necessary.\n\t */\n\nAs taprio sets a timer before actually receiving a packet, we need\nto cancel it from ops-\u003edestroy, just in case ops-\u003ereset has not\nbeen called.\n\nsyzbot reported:\n\nODEBUG: free active (active state 0) object type: hrtimer hint: advance_sched+0x0/0x9a0 arch/x86/include/asm/atomic64_64.h:22\nWARNING: CPU: 0 PID: 8441 at lib/debugobjects.c:505 debug_print_object+0x16e/0x250 lib/debugobjects.c:505\nModules linked in:\nCPU: 0 PID: 8441 Comm: syz-executor813 Not tainted 5.14.0-rc6-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:505\nCode: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 af 00 00 00 48 8b 14 dd e0 d3 e3 89 4c 89 ee 48 c7 c7 e0 c7 e3 89 e8 5b 86 11 05 \u003c0f\u003e 0b 83 05 85 03 92 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3\nRSP: 0018:ffffc9000130f330 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000\nRDX: ffff88802baeb880 RSI: ffffffff815d87b5 RDI: fffff52000261e58\nRBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815d25ee R11: 0000000000000000 R12: ffffffff898dd020\nR13: ffffffff89e3ce20 R14: ffffffff81653630 R15: dffffc0000000000\nFS: 0000000000f0d300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffb64b3e000 CR3: 0000000036557000 CR4: 00000000001506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n __debug_check_no_obj_freed lib/debugobjects.c:987 [inline]\n debug_check_no_obj_freed+0x301/0x420 lib/debugobjects.c:1018\n slab_free_hook mm/slub.c:1603 [inline]\n slab_free_freelist_hook+0x171/0x240 mm/slub.c:1653\n slab_free mm/slub.c:3213 [inline]\n kfree+0xe4/0x540 mm/slub.c:4267\n qdisc_create+0xbcf/0x1320 net/sched/sch_api.c:1299\n tc_modify_qdisc+0x4c8/0x1a60 net/sched/sch_api.c:1663\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2504\n netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1340\n netlink_sendmsg+0x86d/0xdb0 net/netlink/af_netlink.c:1929\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2403\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2457\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2486\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47419",
"url": "https://www.suse.com/security/cve/CVE-2021-47419"
},
{
"category": "external",
"summary": "SUSE Bug 1225338 for CVE-2021-47419",
"url": "https://bugzilla.suse.com/1225338"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47419"
},
{
"cve": "CVE-2021-47420",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47420"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: fix a potential ttm-\u003esg memory leak\n\nMemory is allocated for ttm-\u003esg by kmalloc in kfd_mem_dmamap_userptr,\nbut isn\u0027t freed by kfree in kfd_mem_dmaunmap_userptr. Free it!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47420",
"url": "https://www.suse.com/security/cve/CVE-2021-47420"
},
{
"category": "external",
"summary": "SUSE Bug 1225339 for CVE-2021-47420",
"url": "https://bugzilla.suse.com/1225339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2021-47420"
},
{
"cve": "CVE-2021-47421",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47421"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume\n\nIn current code, when a PCI error state pci_channel_io_normal is detectd,\nit will report PCI_ERS_RESULT_CAN_RECOVER status to PCI driver, and PCI\ndriver will continue the execution of PCI resume callback report_resume by\npci_walk_bridge, and the callback will go into amdgpu_pci_resume\nfinally, where write lock is releasd unconditionally without acquiring\nsuch lock first. In this case, a deadlock will happen when other threads\nstart to acquire the read lock.\n\nTo fix this, add a member in amdgpu_device strucutre to cache\npci_channel_state, and only continue the execution in amdgpu_pci_resume\nwhen it\u0027s pci_channel_io_frozen.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47421",
"url": "https://www.suse.com/security/cve/CVE-2021-47421"
},
{
"category": "external",
"summary": "SUSE Bug 1225353 for CVE-2021-47421",
"url": "https://bugzilla.suse.com/1225353"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47421"
},
{
"cve": "CVE-2021-47422",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47422"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/kms/nv50-: fix file release memory leak\n\nWhen using single_open() for opening, single_release() should be\ncalled, otherwise the \u0027op\u0027 allocated in single_open() will be leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47422",
"url": "https://www.suse.com/security/cve/CVE-2021-47422"
},
{
"category": "external",
"summary": "SUSE Bug 1225233 for CVE-2021-47422",
"url": "https://bugzilla.suse.com/1225233"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47422"
},
{
"cve": "CVE-2021-47423",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47423"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/debugfs: fix file release memory leak\n\nWhen using single_open() for opening, single_release() should be\ncalled, otherwise the \u0027op\u0027 allocated in single_open() will be leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47423",
"url": "https://www.suse.com/security/cve/CVE-2021-47423"
},
{
"category": "external",
"summary": "SUSE Bug 1225366 for CVE-2021-47423",
"url": "https://bugzilla.suse.com/1225366"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47423"
},
{
"cve": "CVE-2021-47424",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47424"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix freeing of uninitialized misc IRQ vector\n\nWhen VSI set up failed in i40e_probe() as part of PF switch set up\ndriver was trying to free misc IRQ vectors in\ni40e_clear_interrupt_scheme and produced a kernel Oops:\n\n Trying to free already-free IRQ 266\n WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300\n Workqueue: events work_for_cpu_fn\n RIP: 0010:__free_irq+0x9a/0x300\n Call Trace:\n ? synchronize_irq+0x3a/0xa0\n free_irq+0x2e/0x60\n i40e_clear_interrupt_scheme+0x53/0x190 [i40e]\n i40e_probe.part.108+0x134b/0x1a40 [i40e]\n ? kmem_cache_alloc+0x158/0x1c0\n ? acpi_ut_update_ref_count.part.1+0x8e/0x345\n ? acpi_ut_update_object_reference+0x15e/0x1e2\n ? strstr+0x21/0x70\n ? irq_get_irq_data+0xa/0x20\n ? mp_check_pin_attr+0x13/0xc0\n ? irq_get_irq_data+0xa/0x20\n ? mp_map_pin_to_irq+0xd3/0x2f0\n ? acpi_register_gsi_ioapic+0x93/0x170\n ? pci_conf1_read+0xa4/0x100\n ? pci_bus_read_config_word+0x49/0x70\n ? do_pci_enable_device+0xcc/0x100\n local_pci_probe+0x41/0x90\n work_for_cpu_fn+0x16/0x20\n process_one_work+0x1a7/0x360\n worker_thread+0x1cf/0x390\n ? create_worker+0x1a0/0x1a0\n kthread+0x112/0x130\n ? kthread_flush_work_fn+0x10/0x10\n ret_from_fork+0x1f/0x40\n\nThe problem is that at that point misc IRQ vectors\nwere not allocated yet and we get a call trace\nthat driver is trying to free already free IRQ vectors.\n\nAdd a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED\nPF state before calling i40e_free_misc_vector. This state is set only if\nmisc IRQ vectors were properly initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47424",
"url": "https://www.suse.com/security/cve/CVE-2021-47424"
},
{
"category": "external",
"summary": "SUSE Bug 1225367 for CVE-2021-47424",
"url": "https://bugzilla.suse.com/1225367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47424"
},
{
"cve": "CVE-2021-47425",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47425"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: acpi: fix resource leak in reconfiguration device addition\n\nacpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a\nreference on the adapter which is never released which will result in a\nreference count leak and render the adapter unremovable. Make sure to\nput the adapter after creating the client in the same manner that we do\nfor OF.\n\n[wsa: fixed title]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47425",
"url": "https://www.suse.com/security/cve/CVE-2021-47425"
},
{
"category": "external",
"summary": "SUSE Bug 1225223 for CVE-2021-47425",
"url": "https://bugzilla.suse.com/1225223"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47425"
},
{
"cve": "CVE-2021-47426",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47426"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, s390: Fix potential memory leak about jit_data\n\nMake sure to free jit_data through kfree() in the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47426",
"url": "https://www.suse.com/security/cve/CVE-2021-47426"
},
{
"category": "external",
"summary": "SUSE Bug 1225370 for CVE-2021-47426",
"url": "https://bugzilla.suse.com/1225370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47426"
},
{
"cve": "CVE-2021-47427",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47427"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi: Fix iscsi_task use after free\n\nCommit d39df158518c (\"scsi: iscsi: Have abort handler get ref to conn\")\nadded iscsi_get_conn()/iscsi_put_conn() calls during abort handling but\nthen also changed the handling of the case where we detect an already\ncompleted task where we now end up doing a goto to the common put/cleanup\ncode. This results in a iscsi_task use after free, because the common\ncleanup code will do a put on the iscsi_task.\n\nThis reverts the goto and moves the iscsi_get_conn() to after we\u0027ve checked\nif the iscsi_task is valid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47427",
"url": "https://www.suse.com/security/cve/CVE-2021-47427"
},
{
"category": "external",
"summary": "SUSE Bug 1225225 for CVE-2021-47427",
"url": "https://bugzilla.suse.com/1225225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47427"
},
{
"cve": "CVE-2021-47428",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47428"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s: fix program check interrupt emergency stack path\n\nEmergency stack path was jumping into a 3: label inside the\n__GEN_COMMON_BODY macro for the normal path after it had finished,\nrather than jumping over it. By a small miracle this is the correct\nplace to build up a new interrupt frame with the existing stack\npointer, so things basically worked okay with an added weird looking\n700 trap frame on top (which had the wrong -\u003enip so it didn\u0027t decode\nbug messages either).\n\nFix this by avoiding using numeric labels when jumping over non-trivial\nmacros.\n\nBefore:\n\n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA PowerNV\n Modules linked in:\n CPU: 0 PID: 88 Comm: sh Not tainted 5.15.0-rc2-00034-ge057cdade6e5 #2637\n NIP: 7265677368657265 LR: c00000000006c0c8 CTR: c0000000000097f0\n REGS: c0000000fffb3a50 TRAP: 0700 Not tainted\n MSR: 9000000000021031 \u003cSF,HV,ME,IR,DR,LE\u003e CR: 00000700 XER: 20040000\n CFAR: c0000000000098b0 IRQMASK: 0\n GPR00: c00000000006c964 c0000000fffb3cf0 c000000001513800 0000000000000000\n GPR04: 0000000048ab0778 0000000042000000 0000000000000000 0000000000001299\n GPR08: 000001e447c718ec 0000000022424282 0000000000002710 c00000000006bee8\n GPR12: 9000000000009033 c0000000016b0000 00000000000000b0 0000000000000001\n GPR16: 0000000000000000 0000000000000002 0000000000000000 0000000000000ff8\n GPR20: 0000000000001fff 0000000000000007 0000000000000080 00007fff89d90158\n GPR24: 0000000002000000 0000000002000000 0000000000000255 0000000000000300\n GPR28: c000000001270000 0000000042000000 0000000048ab0778 c000000080647e80\n NIP [7265677368657265] 0x7265677368657265\n LR [c00000000006c0c8] ___do_page_fault+0x3f8/0xb10\n Call Trace:\n [c0000000fffb3cf0] [c00000000000bdac] soft_nmi_common+0x13c/0x1d0 (unreliable)\n --- interrupt: 700 at decrementer_common_virt+0xb8/0x230\n NIP: c0000000000098b8 LR: c00000000006c0c8 CTR: c0000000000097f0\n REGS: c0000000fffb3d60 TRAP: 0700 Not tainted\n MSR: 9000000000021031 \u003cSF,HV,ME,IR,DR,LE\u003e CR: 22424282 XER: 20040000\n CFAR: c0000000000098b0 IRQMASK: 0\n GPR00: c00000000006c964 0000000000002400 c000000001513800 0000000000000000\n GPR04: 0000000048ab0778 0000000042000000 0000000000000000 0000000000001299\n GPR08: 000001e447c718ec 0000000022424282 0000000000002710 c00000000006bee8\n GPR12: 9000000000009033 c0000000016b0000 00000000000000b0 0000000000000001\n GPR16: 0000000000000000 0000000000000002 0000000000000000 0000000000000ff8\n GPR20: 0000000000001fff 0000000000000007 0000000000000080 00007fff89d90158\n GPR24: 0000000002000000 0000000002000000 0000000000000255 0000000000000300\n GPR28: c000000001270000 0000000042000000 0000000048ab0778 c000000080647e80\n NIP [c0000000000098b8] decrementer_common_virt+0xb8/0x230\n LR [c00000000006c0c8] ___do_page_fault+0x3f8/0xb10\n --- interrupt: 700\n Instruction dump:\n XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX\n XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX\n ---[ end trace 6d28218e0cc3c949 ]---\n\nAfter:\n\n ------------[ cut here ]------------\n kernel BUG at arch/powerpc/kernel/exceptions-64s.S:491!\n Oops: Exception in kernel mode, sig: 5 [#1]\n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA PowerNV\n Modules linked in:\n CPU: 0 PID: 88 Comm: login Not tainted 5.15.0-rc2-00034-ge057cdade6e5-dirty #2638\n NIP: c0000000000098b8 LR: c00000000006bf04 CTR: c0000000000097f0\n REGS: c0000000fffb3d60 TRAP: 0700 Not tainted\n MSR: 9000000000021031 \u003cSF,HV,ME,IR,DR,LE\u003e CR: 24482227 XER: 00040000\n CFAR: c0000000000098b0 IRQMASK: 0\n GPR00: c00000000006bf04 0000000000002400 c000000001513800 c000000001271868\n GPR04: 00000000100f0d29 0000000042000000 0000000000000007 0000000000000009\n GPR08: 00000000100f0d29 0000000024482227 0000000000002710 c000000000181b3c\n GPR12: 9000000000009033 c0000000016b0000 00000000100f0d29 c000000005b22f00\n GPR16: 00000000ffff0000 0000000000000001 0000000000000009 00000000100eed90\n GPR20: 00000000100eed90 00000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47428",
"url": "https://www.suse.com/security/cve/CVE-2021-47428"
},
{
"category": "external",
"summary": "SUSE Bug 1225387 for CVE-2021-47428",
"url": "https://bugzilla.suse.com/1225387"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47428"
},
{
"cve": "CVE-2021-47429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47429"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s: Fix unrecoverable MCE calling async handler from NMI\n\nThe machine check handler is not considered NMI on 64s. The early\nhandler is the true NMI handler, and then it schedules the\nmachine_check_exception handler to run when interrupts are enabled.\n\nThis works fine except the case of an unrecoverable MCE, where the true\nNMI is taken when MSR[RI] is clear, it can not recover, so it calls\nmachine_check_exception directly so something might be done about it.\n\nCalling an async handler from NMI context can result in irq state and\nother things getting corrupted. This can also trigger the BUG at\n arch/powerpc/include/asm/interrupt.h:168\n BUG_ON(!arch_irq_disabled_regs(regs) \u0026\u0026 !(regs-\u003emsr \u0026 MSR_EE));\n\nFix this by making an _async version of the handler which is called\nin the normal case, and a NMI version that is called for unrecoverable\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47429",
"url": "https://www.suse.com/security/cve/CVE-2021-47429"
},
{
"category": "external",
"summary": "SUSE Bug 1225388 for CVE-2021-47429",
"url": "https://bugzilla.suse.com/1225388"
},
{
"category": "external",
"summary": "SUSE Bug 1227553 for CVE-2021-47429",
"url": "https://bugzilla.suse.com/1227553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47429"
},
{
"cve": "CVE-2021-47430",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47430"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n\n\nCommit\n\n 3c73b81a9164 (\"x86/entry, selftests: Further improve user entry sanity checks\")\n\nadded a warning if AC is set when in the kernel.\n\nCommit\n\n 662a0221893a3d (\"x86/entry: Fix AC assertion\")\n\nchanged the warning to only fire if the CPU supports SMAP.\n\nHowever, the warning can still trigger on a machine that supports SMAP\nbut where it\u0027s disabled in the kernel config and when running the\nsyscall_nt selftest, for example:\n\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 49 at irqentry_enter_from_user_mode\n CPU: 0 PID: 49 Comm: init Tainted: G T 5.15.0-rc4+ #98 e6202628ee053b4f310759978284bd8bb0ce6905\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014\n RIP: 0010:irqentry_enter_from_user_mode\n ...\n Call Trace:\n ? irqentry_enter\n ? exc_general_protection\n ? asm_exc_general_protection\n ? asm_exc_general_protectio\n\nIS_ENABLED(CONFIG_X86_SMAP) could be added to the warning condition, but\neven this would not be enough in case SMAP is disabled at boot time with\nthe \"nosmap\" parameter.\n\nTo be consistent with \"nosmap\" behaviour, clear X86_FEATURE_SMAP when\n!CONFIG_X86_SMAP.\n\nFound using entry-fuzz + satrandconfig.\n\n [ bp: Massage commit message. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47430",
"url": "https://www.suse.com/security/cve/CVE-2021-47430"
},
{
"category": "external",
"summary": "SUSE Bug 1225228 for CVE-2021-47430",
"url": "https://bugzilla.suse.com/1225228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47430"
},
{
"cve": "CVE-2021-47431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47431"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix gart.bo pin_count leak\n\ngmc_v{9,10}_0_gart_disable() isn\u0027t called matched with\ncorrespoding gart_enbale function in SRIOV case. This will\nlead to gart.bo pin_count leak on driver unload.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47431",
"url": "https://www.suse.com/security/cve/CVE-2021-47431"
},
{
"category": "external",
"summary": "SUSE Bug 1225390 for CVE-2021-47431",
"url": "https://bugzilla.suse.com/1225390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47431"
},
{
"cve": "CVE-2021-47433",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47433"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix abort logic in btrfs_replace_file_extents\n\nError injection testing uncovered a case where we\u0027d end up with a\ncorrupt file system with a missing extent in the middle of a file. This\noccurs because the if statement to decide if we should abort is wrong.\n\nThe only way we would abort in this case is if we got a ret !=\n-EOPNOTSUPP and we called from the file clone code. However the\nprealloc code uses this path too. Instead we need to abort if there is\nan error, and the only error we _don\u0027t_ abort on is -EOPNOTSUPP and only\nif we came from the clone file code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47433",
"url": "https://www.suse.com/security/cve/CVE-2021-47433"
},
{
"category": "external",
"summary": "SUSE Bug 1225392 for CVE-2021-47433",
"url": "https://bugzilla.suse.com/1225392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47433"
},
{
"cve": "CVE-2021-47434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47434"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Fix command ring pointer corruption while aborting a command\n\nThe command ring pointer is located at [6:63] bits of the command\nring control register (CRCR). All the control bits like command stop,\nabort are located at [0:3] bits. While aborting a command, we read the\nCRCR and set the abort bit and write to the CRCR. The read will always\ngive command ring pointer as all zeros. So we essentially write only\nthe control bits. Since we split the 64 bit write into two 32 bit writes,\nthere is a possibility of xHC command ring stopped before the upper\ndword (all zeros) is written. If that happens, xHC updates the upper\ndword of its internal command ring pointer with all zeros. Next time,\nwhen the command ring is restarted, we see xHC memory access failures.\nFix this issue by only writing to the lower dword of CRCR where all\ncontrol bits are located.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47434",
"url": "https://www.suse.com/security/cve/CVE-2021-47434"
},
{
"category": "external",
"summary": "SUSE Bug 1225232 for CVE-2021-47434",
"url": "https://bugzilla.suse.com/1225232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47434"
},
{
"cve": "CVE-2021-47435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47435"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix mempool NULL pointer race when completing IO\n\ndm_io_dec_pending() calls end_io_acct() first and will then dec md\nin-flight pending count. But if a task is swapping DM table at same\ntime this can result in a crash due to mempool-\u003eelements being NULL:\n\ntask1 task2\ndo_resume\n -\u003edo_suspend\n -\u003edm_wait_for_completion\n bio_endio\n\t\t\t\t -\u003eclone_endio\n\t\t\t\t -\u003edm_io_dec_pending\n\t\t\t\t -\u003eend_io_acct\n\t\t\t\t -\u003ewakeup task1\n -\u003edm_swap_table\n -\u003e__bind\n -\u003e__bind_mempools\n -\u003ebioset_exit\n -\u003emempool_exit\n -\u003efree_io\n\n[ 67.330330] Unable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\n......\n[ 67.330494] pstate: 80400085 (Nzcv daIf +PAN -UAO)\n[ 67.330510] pc : mempool_free+0x70/0xa0\n[ 67.330515] lr : mempool_free+0x4c/0xa0\n[ 67.330520] sp : ffffff8008013b20\n[ 67.330524] x29: ffffff8008013b20 x28: 0000000000000004\n[ 67.330530] x27: ffffffa8c2ff40a0 x26: 00000000ffff1cc8\n[ 67.330535] x25: 0000000000000000 x24: ffffffdada34c800\n[ 67.330541] x23: 0000000000000000 x22: ffffffdada34c800\n[ 67.330547] x21: 00000000ffff1cc8 x20: ffffffd9a1304d80\n[ 67.330552] x19: ffffffdada34c970 x18: 000000b312625d9c\n[ 67.330558] x17: 00000000002dcfbf x16: 00000000000006dd\n[ 67.330563] x15: 000000000093b41e x14: 0000000000000010\n[ 67.330569] x13: 0000000000007f7a x12: 0000000034155555\n[ 67.330574] x11: 0000000000000001 x10: 0000000000000001\n[ 67.330579] x9 : 0000000000000000 x8 : 0000000000000000\n[ 67.330585] x7 : 0000000000000000 x6 : ffffff80148b5c1a\n[ 67.330590] x5 : ffffff8008013ae0 x4 : 0000000000000001\n[ 67.330596] x3 : ffffff80080139c8 x2 : ffffff801083bab8\n[ 67.330601] x1 : 0000000000000000 x0 : ffffffdada34c970\n[ 67.330609] Call trace:\n[ 67.330616] mempool_free+0x70/0xa0\n[ 67.330627] bio_put+0xf8/0x110\n[ 67.330638] dec_pending+0x13c/0x230\n[ 67.330644] clone_endio+0x90/0x180\n[ 67.330649] bio_endio+0x198/0x1b8\n[ 67.330655] dec_pending+0x190/0x230\n[ 67.330660] clone_endio+0x90/0x180\n[ 67.330665] bio_endio+0x198/0x1b8\n[ 67.330673] blk_update_request+0x214/0x428\n[ 67.330683] scsi_end_request+0x2c/0x300\n[ 67.330688] scsi_io_completion+0xa0/0x710\n[ 67.330695] scsi_finish_command+0xd8/0x110\n[ 67.330700] scsi_softirq_done+0x114/0x148\n[ 67.330708] blk_done_softirq+0x74/0xd0\n[ 67.330716] __do_softirq+0x18c/0x374\n[ 67.330724] irq_exit+0xb4/0xb8\n[ 67.330732] __handle_domain_irq+0x84/0xc0\n[ 67.330737] gic_handle_irq+0x148/0x1b0\n[ 67.330744] el1_irq+0xe8/0x190\n[ 67.330753] lpm_cpuidle_enter+0x4f8/0x538\n[ 67.330759] cpuidle_enter_state+0x1fc/0x398\n[ 67.330764] cpuidle_enter+0x18/0x20\n[ 67.330772] do_idle+0x1b4/0x290\n[ 67.330778] cpu_startup_entry+0x20/0x28\n[ 67.330786] secondary_start_kernel+0x160/0x170\n\nFix this by:\n1) Establishing pointers to \u0027struct dm_io\u0027 members in\ndm_io_dec_pending() so that they may be passed into end_io_acct()\n_after_ free_io() is called.\n2) Moving end_io_acct() after free_io().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47435",
"url": "https://www.suse.com/security/cve/CVE-2021-47435"
},
{
"category": "external",
"summary": "SUSE Bug 1225247 for CVE-2021-47435",
"url": "https://bugzilla.suse.com/1225247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47435"
},
{
"cve": "CVE-2021-47436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47436"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: dsps: Fix the probe error path\n\nCommit 7c75bde329d7 (\"usb: musb: musb_dsps: request_irq() after\ninitializing musb\") has inverted the calls to\ndsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() without\nupdating correctly the error path. dsps_create_musb_pdev() allocates and\nregisters a new platform device which must be unregistered and freed\nwith platform_device_unregister(), and this is missing upon\ndsps_setup_optional_vbus_irq() error.\n\nWhile on the master branch it seems not to trigger any issue, I observed\na kernel crash because of a NULL pointer dereference with a v5.10.70\nstable kernel where the patch mentioned above was backported. With this\nkernel version, -EPROBE_DEFER is returned the first time\ndsps_setup_optional_vbus_irq() is called which triggers the probe to\nerror out without unregistering the platform device. Unfortunately, on\nthe Beagle Bone Black Wireless, the platform device still living in the\nsystem is being used by the USB Ethernet gadget driver, which during the\nboot phase triggers the crash.\n\nMy limited knowledge of the musb world prevents me to revert this commit\nwhich was sent to silence a robot warning which, as far as I understand,\ndoes not make sense. The goal of this patch was to prevent an IRQ to\nfire before the platform device being registered. I think this cannot\never happen due to the fact that enabling the interrupts is done by the\n-\u003eenable() callback of the platform musb device, and this platform\ndevice must be already registered in order for the core or any other\nuser to use this callback.\n\nHence, I decided to fix the error path, which might prevent future\nerrors on mainline kernels while also fixing older ones.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47436",
"url": "https://www.suse.com/security/cve/CVE-2021-47436"
},
{
"category": "external",
"summary": "SUSE Bug 1225244 for CVE-2021-47436",
"url": "https://bugzilla.suse.com/1225244"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47436"
},
{
"cve": "CVE-2021-47437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47437"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adis16475: fix deadlock on frequency set\n\nWith commit 39c024b51b560\n(\"iio: adis16475: improve sync scale mode handling\"), two deadlocks were\nintroduced:\n 1) The call to \u0027adis_write_reg_16()\u0027 was not changed to it\u0027s unlocked\n version.\n 2) The lock was not being released on the success path of the function.\n\nThis change fixes both these issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47437",
"url": "https://www.suse.com/security/cve/CVE-2021-47437"
},
{
"category": "external",
"summary": "SUSE Bug 1225245 for CVE-2021-47437",
"url": "https://bugzilla.suse.com/1225245"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47437"
},
{
"cve": "CVE-2021-47438",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47438"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path\n\nPrior to this patch in case mlx5_core_destroy_cq() failed it returns\nwithout completing all destroy operations and that leads to memory leak.\nInstead, complete the destroy flow before return error.\n\nAlso move mlx5_debug_cq_remove() to the beginning of mlx5_core_destroy_cq()\nto be symmetrical with mlx5_core_create_cq().\n\nkmemleak complains on:\n\nunreferenced object 0xc000000038625100 (size 64):\n comm \"ethtool\", pid 28301, jiffies 4298062946 (age 785.380s)\n hex dump (first 32 bytes):\n 60 01 48 94 00 00 00 c0 b8 05 34 c3 00 00 00 c0 `.H.......4.....\n 02 00 00 00 00 00 00 00 00 db 7d c1 00 00 00 c0 ..........}.....\n backtrace:\n [\u003c000000009e8643cb\u003e] add_res_tree+0xd0/0x270 [mlx5_core]\n [\u003c00000000e7cb8e6c\u003e] mlx5_debug_cq_add+0x5c/0xc0 [mlx5_core]\n [\u003c000000002a12918f\u003e] mlx5_core_create_cq+0x1d0/0x2d0 [mlx5_core]\n [\u003c00000000cef0a696\u003e] mlx5e_create_cq+0x210/0x3f0 [mlx5_core]\n [\u003c000000009c642c26\u003e] mlx5e_open_cq+0xb4/0x130 [mlx5_core]\n [\u003c0000000058dfa578\u003e] mlx5e_ptp_open+0x7f4/0xe10 [mlx5_core]\n [\u003c0000000081839561\u003e] mlx5e_open_channels+0x9cc/0x13e0 [mlx5_core]\n [\u003c0000000009cf05d4\u003e] mlx5e_switch_priv_channels+0xa4/0x230\n[mlx5_core]\n [\u003c0000000042bbedd8\u003e] mlx5e_safe_switch_params+0x14c/0x300\n[mlx5_core]\n [\u003c0000000004bc9db8\u003e] set_pflag_tx_port_ts+0x9c/0x160 [mlx5_core]\n [\u003c00000000a0553443\u003e] mlx5e_set_priv_flags+0xd0/0x1b0 [mlx5_core]\n [\u003c00000000a8f3d84b\u003e] ethnl_set_privflags+0x234/0x2d0\n [\u003c00000000fd27f27c\u003e] genl_family_rcv_msg_doit+0x108/0x1d0\n [\u003c00000000f495e2bb\u003e] genl_family_rcv_msg+0xe4/0x1f0\n [\u003c00000000646c5c2c\u003e] genl_rcv_msg+0x78/0x120\n [\u003c00000000d53e384e\u003e] netlink_rcv_skb+0x74/0x1a0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47438",
"url": "https://www.suse.com/security/cve/CVE-2021-47438"
},
{
"category": "external",
"summary": "SUSE Bug 1225229 for CVE-2021-47438",
"url": "https://bugzilla.suse.com/1225229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47438"
},
{
"cve": "CVE-2021-47439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: microchip: Added the condition for scheduling ksz_mib_read_work\n\nWhen the ksz module is installed and removed using rmmod, kernel crashes\nwith null pointer dereferrence error. During rmmod, ksz_switch_remove\nfunction tries to cancel the mib_read_workqueue using\ncancel_delayed_work_sync routine and unregister switch from dsa.\n\nDuring dsa_unregister_switch it calls ksz_mac_link_down, which in turn\nreschedules the workqueue since mib_interval is non-zero.\nDue to which queue executed after mib_interval and it tries to access\ndp-\u003eslave. But the slave is unregistered in the ksz_switch_remove\nfunction. Hence kernel crashes.\n\nTo avoid this crash, before canceling the workqueue, resetted the\nmib_interval to 0.\n\nv1 -\u003e v2:\n-Removed the if condition in ksz_mib_read_work",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47439",
"url": "https://www.suse.com/security/cve/CVE-2021-47439"
},
{
"category": "external",
"summary": "SUSE Bug 1225246 for CVE-2021-47439",
"url": "https://bugzilla.suse.com/1225246"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47439"
},
{
"cve": "CVE-2021-47440",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47440"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: encx24j600: check error in devm_regmap_init_encx24j600\n\ndevm_regmap_init may return error which caused by like out of memory,\nthis will results in null pointer dereference later when reading\nor writing register:\n\ngeneral protection fault in encx24j600_spi_probe\nKASAN: null-ptr-deref in range [0x0000000000000090-0x0000000000000097]\nCPU: 0 PID: 286 Comm: spi-encx24j600- Not tainted 5.15.0-rc2-00142-g9978db750e31-dirty #11 9c53a778c1306b1b02359f3c2bbedc0222cba652\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nRIP: 0010:regcache_cache_bypass drivers/base/regmap/regcache.c:540\nCode: 54 41 89 f4 55 53 48 89 fb 48 83 ec 08 e8 26 94 a8 fe 48 8d bb a0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 4a 03 00 00 4c 8d ab b0 00 00 00 48 8b ab a0 00\nRSP: 0018:ffffc900010476b8 EFLAGS: 00010207\nRAX: dffffc0000000000 RBX: fffffffffffffff4 RCX: 0000000000000000\nRDX: 0000000000000012 RSI: ffff888002de0000 RDI: 0000000000000094\nRBP: ffff888013c9a000 R08: 0000000000000000 R09: fffffbfff3f9cc6a\nR10: ffffc900010476e8 R11: fffffbfff3f9cc69 R12: 0000000000000001\nR13: 000000000000000a R14: ffff888013c9af54 R15: ffff888013c9ad08\nFS: 00007ffa984ab580(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000055a6384136c8 CR3: 000000003bbe6003 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n encx24j600_spi_probe drivers/net/ethernet/microchip/encx24j600.c:459\n spi_probe drivers/spi/spi.c:397\n really_probe drivers/base/dd.c:517\n __driver_probe_device drivers/base/dd.c:751\n driver_probe_device drivers/base/dd.c:782\n __device_attach_driver drivers/base/dd.c:899\n bus_for_each_drv drivers/base/bus.c:427\n __device_attach drivers/base/dd.c:971\n bus_probe_device drivers/base/bus.c:487\n device_add drivers/base/core.c:3364\n __spi_add_device drivers/spi/spi.c:599\n spi_add_device drivers/spi/spi.c:641\n spi_new_device drivers/spi/spi.c:717\n new_device_store+0x18c/0x1f1 [spi_stub 4e02719357f1ff33f5a43d00630982840568e85e]\n dev_attr_store drivers/base/core.c:2074\n sysfs_kf_write fs/sysfs/file.c:139\n kernfs_fop_write_iter fs/kernfs/file.c:300\n new_sync_write fs/read_write.c:508 (discriminator 4)\n vfs_write fs/read_write.c:594\n ksys_write fs/read_write.c:648\n do_syscall_64 arch/x86/entry/common.c:50\n entry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:113\n\nAdd error check in devm_regmap_init_encx24j600 to avoid this situation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47440",
"url": "https://www.suse.com/security/cve/CVE-2021-47440"
},
{
"category": "external",
"summary": "SUSE Bug 1225248 for CVE-2021-47440",
"url": "https://bugzilla.suse.com/1225248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47440"
},
{
"cve": "CVE-2021-47441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: thermal: Fix out-of-bounds memory accesses\n\nCurrently, mlxsw allows cooling states to be set above the maximum\ncooling state supported by the driver:\n\n # cat /sys/class/thermal/thermal_zone2/cdev0/type\n mlxsw_fan\n # cat /sys/class/thermal/thermal_zone2/cdev0/max_state\n 10\n # echo 18 \u003e /sys/class/thermal/thermal_zone2/cdev0/cur_state\n # echo $?\n 0\n\nThis results in out-of-bounds memory accesses when thermal state\ntransition statistics are enabled (CONFIG_THERMAL_STATISTICS=y), as the\ntransition table is accessed with a too large index (state) [1].\n\nAccording to the thermal maintainer, it is the responsibility of the\ndriver to reject such operations [2].\n\nTherefore, return an error when the state to be set exceeds the maximum\ncooling state supported by the driver.\n\nTo avoid dead code, as suggested by the thermal maintainer [3],\npartially revert commit a421ce088ac8 (\"mlxsw: core: Extend cooling\ndevice with cooling levels\") that tried to interpret these invalid\ncooling states (above the maximum) in a special way. The cooling levels\narray is not removed in order to prevent the fans going below 20% PWM,\nwhich would cause them to get stuck at 0% PWM.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in thermal_cooling_device_stats_update+0x271/0x290\nRead of size 4 at addr ffff8881052f7bf8 by task kworker/0:0/5\n\nCPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.15.0-rc3-custom-45935-gce1adf704b14 #122\nHardware name: Mellanox Technologies Ltd. \"MSN2410-CB2FO\"/\"SA000874\", BIOS 4.6.5 03/08/2016\nWorkqueue: events_freezable_power_ thermal_zone_device_check\nCall Trace:\n dump_stack_lvl+0x8b/0xb3\n print_address_description.constprop.0+0x1f/0x140\n kasan_report.cold+0x7f/0x11b\n thermal_cooling_device_stats_update+0x271/0x290\n __thermal_cdev_update+0x15e/0x4e0\n thermal_cdev_update+0x9f/0xe0\n step_wise_throttle+0x770/0xee0\n thermal_zone_device_update+0x3f6/0xdf0\n process_one_work+0xa42/0x1770\n worker_thread+0x62f/0x13e0\n kthread+0x3ee/0x4e0\n ret_from_fork+0x1f/0x30\n\nAllocated by task 1:\n kasan_save_stack+0x1b/0x40\n __kasan_kmalloc+0x7c/0x90\n thermal_cooling_device_setup_sysfs+0x153/0x2c0\n __thermal_cooling_device_register.part.0+0x25b/0x9c0\n thermal_cooling_device_register+0xb3/0x100\n mlxsw_thermal_init+0x5c5/0x7e0\n __mlxsw_core_bus_device_register+0xcb3/0x19c0\n mlxsw_core_bus_device_register+0x56/0xb0\n mlxsw_pci_probe+0x54f/0x710\n local_pci_probe+0xc6/0x170\n pci_device_probe+0x2b2/0x4d0\n really_probe+0x293/0xd10\n __driver_probe_device+0x2af/0x440\n driver_probe_device+0x51/0x1e0\n __driver_attach+0x21b/0x530\n bus_for_each_dev+0x14c/0x1d0\n bus_add_driver+0x3ac/0x650\n driver_register+0x241/0x3d0\n mlxsw_sp_module_init+0xa2/0x174\n do_one_initcall+0xee/0x5f0\n kernel_init_freeable+0x45a/0x4de\n kernel_init+0x1f/0x210\n ret_from_fork+0x1f/0x30\n\nThe buggy address belongs to the object at ffff8881052f7800\n which belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 1016 bytes inside of\n 1024-byte region [ffff8881052f7800, ffff8881052f7c00)\nThe buggy address belongs to the page:\npage:0000000052355272 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1052f0\nhead:0000000052355272 order:3 compound_mapcount:0 compound_pincount:0\nflags: 0x200000000010200(slab|head|node=0|zone=2)\nraw: 0200000000010200 ffffea0005034800 0000000300000003 ffff888100041dc0\nraw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff8881052f7a80: 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc fc\n ffff8881052f7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\u003effff8881052f7b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n ^\n ffff8881052f7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n ffff8881052f7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\n[2] https://lore.kernel.org/linux-pm/9aca37cb-1629-5c67-\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47441",
"url": "https://www.suse.com/security/cve/CVE-2021-47441"
},
{
"category": "external",
"summary": "SUSE Bug 1225224 for CVE-2021-47441",
"url": "https://bugzilla.suse.com/1225224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47441"
},
{
"cve": "CVE-2021-47442",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47442"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: digital: fix possible memory leak in digital_in_send_sdd_req()\n\n\u0027skb\u0027 is allocated in digital_in_send_sdd_req(), but not free when\ndigital_in_send_cmd() failed, which will cause memory leak. Fix it\nby freeing \u0027skb\u0027 if digital_in_send_cmd() return failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47442",
"url": "https://www.suse.com/security/cve/CVE-2021-47442"
},
{
"category": "external",
"summary": "SUSE Bug 1225263 for CVE-2021-47442",
"url": "https://bugzilla.suse.com/1225263"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47442"
},
{
"cve": "CVE-2021-47443",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47443"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: digital: fix possible memory leak in digital_tg_listen_mdaa()\n\n\u0027params\u0027 is allocated in digital_tg_listen_mdaa(), but not free when\ndigital_send_cmd() failed, which will cause memory leak. Fix it by\nfreeing \u0027params\u0027 if digital_send_cmd() return failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47443",
"url": "https://www.suse.com/security/cve/CVE-2021-47443"
},
{
"category": "external",
"summary": "SUSE Bug 1225262 for CVE-2021-47443",
"url": "https://bugzilla.suse.com/1225262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47443"
},
{
"cve": "CVE-2021-47444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read\n\nIn commit e11f5bd8228f (\"drm: Add support for DP 1.4 Compliance edid\ncorruption test\") the function connector_bad_edid() started assuming\nthat the memory for the EDID passed to it was big enough to hold\n`edid[0x7e] + 1` blocks of data (1 extra for the base block). It\ncompletely ignored the fact that the function was passed `num_blocks`\nwhich indicated how much memory had been allocated for the EDID.\n\nLet\u0027s fix this by adding a bounds check.\n\nThis is important for handling the case where there\u0027s an error in the\nfirst block of the EDID. In that case we will call\nconnector_bad_edid() without having re-allocated memory based on\n`edid[0x7e]`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47444",
"url": "https://www.suse.com/security/cve/CVE-2021-47444"
},
{
"category": "external",
"summary": "SUSE Bug 1225243 for CVE-2021-47444",
"url": "https://bugzilla.suse.com/1225243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47444"
},
{
"cve": "CVE-2021-47445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Fix null pointer dereference on pointer edp\n\nThe initialization of pointer dev dereferences pointer edp before\nedp is null checked, so there is a potential null pointer deference\nissue. Fix this by only dereferencing edp after edp has been null\nchecked.\n\nAddresses-Coverity: (\"Dereference before null check\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47445",
"url": "https://www.suse.com/security/cve/CVE-2021-47445"
},
{
"category": "external",
"summary": "SUSE Bug 1225261 for CVE-2021-47445",
"url": "https://bugzilla.suse.com/1225261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47445"
},
{
"cve": "CVE-2021-47446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47446"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/a4xx: fix error handling in a4xx_gpu_init()\n\nThis code returns 1 on error instead of a negative error. It leads to\nan Oops in the caller. A second problem is that the check for\n\"if (ret != -ENODATA)\" cannot be true because \"ret\" is set to 1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47446",
"url": "https://www.suse.com/security/cve/CVE-2021-47446"
},
{
"category": "external",
"summary": "SUSE Bug 1225240 for CVE-2021-47446",
"url": "https://bugzilla.suse.com/1225240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47446"
},
{
"cve": "CVE-2021-47447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47447"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/a3xx: fix error handling in a3xx_gpu_init()\n\nThese error paths returned 1 on failure, instead of a negative error\ncode. This would lead to an Oops in the caller. A second problem is\nthat the check for \"if (ret != -ENODATA)\" did not work because \"ret\" was\nset to 1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47447",
"url": "https://www.suse.com/security/cve/CVE-2021-47447"
},
{
"category": "external",
"summary": "SUSE Bug 1225260 for CVE-2021-47447",
"url": "https://bugzilla.suse.com/1225260"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47447"
},
{
"cve": "CVE-2021-47448",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47448"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix possible stall on recvmsg()\n\nrecvmsg() can enter an infinite loop if the caller provides the\nMSG_WAITALL, the data present in the receive queue is not sufficient to\nfulfill the request, and no more data is received by the peer.\n\nWhen the above happens, mptcp_wait_data() will always return with\nno wait, as the MPTCP_DATA_READY flag checked by such function is\nset and never cleared in such code path.\n\nLeveraging the above syzbot was able to trigger an RCU stall:\n\nrcu: INFO: rcu_preempt self-detected stall on CPU\nrcu: 0-...!: (10499 ticks this GP) idle=0af/1/0x4000000000000000 softirq=10678/10678 fqs=1\n (t=10500 jiffies g=13089 q=109)\nrcu: rcu_preempt kthread starved for 10497 jiffies! g13089 f0x0 RCU_GP_WAIT_FQS(5) -\u003estate=0x0 -\u003ecpu=1\nrcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.\nrcu: RCU grace-period kthread stack dump:\ntask:rcu_preempt state:R running task stack:28696 pid: 14 ppid: 2 flags:0x00004000\nCall Trace:\n context_switch kernel/sched/core.c:4955 [inline]\n __schedule+0x940/0x26f0 kernel/sched/core.c:6236\n schedule+0xd3/0x270 kernel/sched/core.c:6315\n schedule_timeout+0x14a/0x2a0 kernel/time/timer.c:1881\n rcu_gp_fqs_loop+0x186/0x810 kernel/rcu/tree.c:1955\n rcu_gp_kthread+0x1de/0x320 kernel/rcu/tree.c:2128\n kthread+0x405/0x4f0 kernel/kthread.c:327\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\nrcu: Stack dump where RCU GP kthread last ran:\nSending NMI from CPU 0 to CPUs 1:\nNMI backtrace for cpu 1\nCPU: 1 PID: 8510 Comm: syz-executor827 Not tainted 5.15.0-rc2-next-20210920-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:bytes_is_nonzero mm/kasan/generic.c:84 [inline]\nRIP: 0010:memory_is_nonzero mm/kasan/generic.c:102 [inline]\nRIP: 0010:memory_is_poisoned_n mm/kasan/generic.c:128 [inline]\nRIP: 0010:memory_is_poisoned mm/kasan/generic.c:159 [inline]\nRIP: 0010:check_region_inline mm/kasan/generic.c:180 [inline]\nRIP: 0010:kasan_check_range+0xc8/0x180 mm/kasan/generic.c:189\nCode: 38 00 74 ed 48 8d 50 08 eb 09 48 83 c0 01 48 39 d0 74 7a 80 38 00 74 f2 48 89 c2 b8 01 00 00 00 48 85 d2 75 56 5b 5d 41 5c c3 \u003c48\u003e 85 d2 74 5e 48 01 ea eb 09 48 83 c0 01 48 39 d0 74 50 80 38 00\nRSP: 0018:ffffc9000cd676c8 EFLAGS: 00000283\nRAX: ffffed100e9a110e RBX: ffffed100e9a110f RCX: ffffffff88ea062a\nRDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff888074d08870\nRBP: ffffed100e9a110e R08: 0000000000000001 R09: ffff888074d08877\nR10: ffffed100e9a110e R11: 0000000000000000 R12: ffff888074d08000\nR13: ffff888074d08000 R14: ffff888074d08088 R15: ffff888074d08000\nFS: 0000555556d8e300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000180 CR3: 0000000068909000 CR4: 00000000001506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n instrument_atomic_read_write include/linux/instrumented.h:101 [inline]\n test_and_clear_bit include/asm-generic/bitops/instrumented-atomic.h:83 [inline]\n mptcp_release_cb+0x14a/0x210 net/mptcp/protocol.c:3016\n release_sock+0xb4/0x1b0 net/core/sock.c:3204\n mptcp_wait_data net/mptcp/protocol.c:1770 [inline]\n mptcp_recvmsg+0xfd1/0x27b0 net/mptcp/protocol.c:2080\n inet6_recvmsg+0x11b/0x5e0 net/ipv6/af_inet6.c:659\n sock_recvmsg_nosec net/socket.c:944 [inline]\n ____sys_recvmsg+0x527/0x600 net/socket.c:2626\n ___sys_recvmsg+0x127/0x200 net/socket.c:2670\n do_recvmmsg+0x24d/0x6d0 net/socket.c:2764\n __sys_recvmmsg net/socket.c:2843 [inline]\n __do_sys_recvmmsg net/socket.c:2866 [inline]\n __se_sys_recvmmsg net/socket.c:2859 [inline]\n __x64_sys_recvmmsg+0x20b/0x260 net/socket.c:2859\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7fc200d2\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47448",
"url": "https://www.suse.com/security/cve/CVE-2021-47448"
},
{
"category": "external",
"summary": "SUSE Bug 1225129 for CVE-2021-47448",
"url": "https://bugzilla.suse.com/1225129"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47448"
},
{
"cve": "CVE-2021-47449",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47449"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix locking for Tx timestamp tracking flush\n\nCommit 4dd0d5c33c3e (\"ice: add lock around Tx timestamp tracker flush\")\nadded a lock around the Tx timestamp tracker flow which is used to\ncleanup any left over SKBs and prepare for device removal.\n\nThis lock is problematic because it is being held around a call to\nice_clear_phy_tstamp. The clear function takes a mutex to send a PHY\nwrite command to firmware. This could lead to a deadlock if the mutex\nactually sleeps, and causes the following warning on a kernel with\npreemption debugging enabled:\n\n[ 715.419426] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:573\n[ 715.427900] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3100, name: rmmod\n[ 715.435652] INFO: lockdep is turned off.\n[ 715.439591] Preemption disabled at:\n[ 715.439594] [\u003c0000000000000000\u003e] 0x0\n[ 715.446678] CPU: 52 PID: 3100 Comm: rmmod Tainted: G W OE 5.15.0-rc4+ #42 bdd7ec3018e725f159ca0d372ce8c2c0e784891c\n[ 715.458058] Hardware name: Intel Corporation S2600STQ/S2600STQ, BIOS SE5C620.86B.02.01.0010.010620200716 01/06/2020\n[ 715.468483] Call Trace:\n[ 715.470940] dump_stack_lvl+0x6a/0x9a\n[ 715.474613] ___might_sleep.cold+0x224/0x26a\n[ 715.478895] __mutex_lock+0xb3/0x1440\n[ 715.482569] ? stack_depot_save+0x378/0x500\n[ 715.486763] ? ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.494979] ? kfree+0xc1/0x520\n[ 715.498128] ? mutex_lock_io_nested+0x12a0/0x12a0\n[ 715.502837] ? kasan_set_free_info+0x20/0x30\n[ 715.507110] ? __kasan_slab_free+0x10b/0x140\n[ 715.511385] ? slab_free_freelist_hook+0xc7/0x220\n[ 715.516092] ? kfree+0xc1/0x520\n[ 715.519235] ? ice_deinit_lag+0x16c/0x220 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.527359] ? ice_remove+0x1cf/0x6a0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.535133] ? pci_device_remove+0xab/0x1d0\n[ 715.539318] ? __device_release_driver+0x35b/0x690\n[ 715.544110] ? driver_detach+0x214/0x2f0\n[ 715.548035] ? bus_remove_driver+0x11d/0x2f0\n[ 715.552309] ? pci_unregister_driver+0x26/0x250\n[ 715.556840] ? ice_module_exit+0xc/0x2f [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.564799] ? __do_sys_delete_module.constprop.0+0x2d8/0x4e0\n[ 715.570554] ? do_syscall_64+0x3b/0x90\n[ 715.574303] ? entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 715.579529] ? start_flush_work+0x542/0x8f0\n[ 715.583719] ? ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.591923] ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.599960] ? wait_for_completion_io+0x250/0x250\n[ 715.604662] ? lock_acquire+0x196/0x200\n[ 715.608504] ? do_raw_spin_trylock+0xa5/0x160\n[ 715.612864] ice_sbq_rw_reg+0x1e6/0x2f0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.620813] ? ice_reset+0x130/0x130 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.628497] ? __debug_check_no_obj_freed+0x1e8/0x3c0\n[ 715.633550] ? trace_hardirqs_on+0x1c/0x130\n[ 715.637748] ice_write_phy_reg_e810+0x70/0xf0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.646220] ? do_raw_spin_trylock+0xa5/0x160\n[ 715.650581] ? ice_ptp_release+0x910/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.658797] ? ice_ptp_release+0x255/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.667013] ice_clear_phy_tstamp+0x2c/0x110 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.675403] ice_ptp_release+0x408/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.683440] ice_remove+0x560/0x6a0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.691037] ? _raw_spin_unlock_irqrestore+0x46/0x73\n[ 715.696005] pci_device_remove+0xab/0x1d0\n[ 715.700018] __device_release_driver+0x35b/0x690\n[ 715.704637] driver_detach+0x214/0x2f0\n[ 715.708389] bus_remove_driver+0x11d/0x2f0\n[ 715.712489] pci_unregister_driver+0x26/0x250\n[ 71\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47449",
"url": "https://www.suse.com/security/cve/CVE-2021-47449"
},
{
"category": "external",
"summary": "SUSE Bug 1225259 for CVE-2021-47449",
"url": "https://bugzilla.suse.com/1225259"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47449"
},
{
"cve": "CVE-2021-47450",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47450"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Fix host stage-2 PGD refcount\n\nThe KVM page-table library refcounts the pages of concatenated stage-2\nPGDs individually. However, when running KVM in protected mode, the\nhost\u0027s stage-2 PGD is currently managed by EL2 as a single high-order\ncompound page, which can cause the refcount of the tail pages to reach 0\nwhen they shouldn\u0027t, hence corrupting the page-table.\n\nFix this by introducing a new hyp_split_page() helper in the EL2 page\nallocator (matching the kernel\u0027s split_page() function), and make use of\nit from host_s2_zalloc_pages_exact().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47450",
"url": "https://www.suse.com/security/cve/CVE-2021-47450"
},
{
"category": "external",
"summary": "SUSE Bug 1225258 for CVE-2021-47450",
"url": "https://bugzilla.suse.com/1225258"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47450"
},
{
"cve": "CVE-2021-47451",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47451"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value\n\nCurrently, when the rule related to IDLETIMER is added, idletimer_tg timer\nstructure is initialized by kmalloc on executing idletimer_tg_create\nfunction. However, in this process timer-\u003etimer_type is not defined to\na specific value. Thus, timer-\u003etimer_type has garbage value and it occurs\nkernel panic. So, this commit fixes the panic by initializing\ntimer-\u003etimer_type using kzalloc instead of kmalloc.\n\nTest commands:\n # iptables -A OUTPUT -j IDLETIMER --timeout 1 --label test\n $ cat /sys/class/xt_idletimer/timers/test\n Killed\n\nSplat looks like:\n BUG: KASAN: user-memory-access in alarm_expires_remaining+0x49/0x70\n Read of size 8 at addr 0000002e8c7bc4c8 by task cat/917\n CPU: 12 PID: 917 Comm: cat Not tainted 5.14.0+ #3 79940a339f71eb14fc81aee1757a20d5bf13eb0e\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n dump_stack_lvl+0x6e/0x9c\n kasan_report.cold+0x112/0x117\n ? alarm_expires_remaining+0x49/0x70\n __asan_load8+0x86/0xb0\n alarm_expires_remaining+0x49/0x70\n idletimer_tg_show+0xe5/0x19b [xt_IDLETIMER 11219304af9316a21bee5ba9d58f76a6b9bccc6d]\n dev_attr_show+0x3c/0x60\n sysfs_kf_seq_show+0x11d/0x1f0\n ? device_remove_bin_file+0x20/0x20\n kernfs_seq_show+0xa4/0xb0\n seq_read_iter+0x29c/0x750\n kernfs_fop_read_iter+0x25a/0x2c0\n ? __fsnotify_parent+0x3d1/0x570\n ? iov_iter_init+0x70/0x90\n new_sync_read+0x2a7/0x3d0\n ? __x64_sys_llseek+0x230/0x230\n ? rw_verify_area+0x81/0x150\n vfs_read+0x17b/0x240\n ksys_read+0xd9/0x180\n ? vfs_write+0x460/0x460\n ? do_syscall_64+0x16/0xc0\n ? lockdep_hardirqs_on+0x79/0x120\n __x64_sys_read+0x43/0x50\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7f0cdc819142\n Code: c0 e9 c2 fe ff ff 50 48 8d 3d 3a ca 0a 00 e8 f5 19 02 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24\n RSP: 002b:00007fff28eee5b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f0cdc819142\n RDX: 0000000000020000 RSI: 00007f0cdc032000 RDI: 0000000000000003\n RBP: 00007f0cdc032000 R08: 00007f0cdc031010 R09: 0000000000000000\n R10: 0000000000000022 R11: 0000000000000246 R12: 00005607e9ee31f0\n R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47451",
"url": "https://www.suse.com/security/cve/CVE-2021-47451"
},
{
"category": "external",
"summary": "SUSE Bug 1225237 for CVE-2021-47451",
"url": "https://bugzilla.suse.com/1225237"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47451"
},
{
"cve": "CVE-2021-47452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47452"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: skip netdev events generated on netns removal\n\nsyzbot reported following (harmless) WARN:\n\n WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468\n nft_netdev_unregister_hooks net/netfilter/nf_tables_api.c:230 [inline]\n nf_tables_unregister_hook include/net/netfilter/nf_tables.h:1090 [inline]\n __nft_release_basechain+0x138/0x640 net/netfilter/nf_tables_api.c:9524\n nft_netdev_event net/netfilter/nft_chain_filter.c:351 [inline]\n nf_tables_netdev_event+0x521/0x8a0 net/netfilter/nft_chain_filter.c:382\n\nreproducer:\nunshare -n bash -c \u0027ip link add br0 type bridge; nft add table netdev t ; \\\n nft add chain netdev t ingress \\{ type filter hook ingress device \"br0\" \\\n priority 0\\; policy drop\\; \\}\u0027\n\nProblem is that when netns device exit hooks create the UNREGISTER\nevent, the .pre_exit hook for nf_tables core has already removed the\nbase hook. Notifier attempts to do this again.\n\nThe need to do base hook unregister unconditionally was needed in the past,\nbecause notifier was last stage where reg-\u003edev dereference was safe.\n\nNow that nf_tables does the hook removal in .pre_exit, this isn\u0027t\nneeded anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47452",
"url": "https://www.suse.com/security/cve/CVE-2021-47452"
},
{
"category": "external",
"summary": "SUSE Bug 1225257 for CVE-2021-47452",
"url": "https://bugzilla.suse.com/1225257"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47452"
},
{
"cve": "CVE-2021-47453",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47453"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Avoid crash from unnecessary IDA free\n\nIn the remove path, there is an attempt to free the aux_idx IDA whether\nit was allocated or not. This can potentially cause a crash when\nunloading the driver on systems that do not initialize support for RDMA.\nBut, this free cannot be gated by the status bit for RDMA, since it is\nallocated if the driver detects support for RDMA at probe time, but the\ndriver can enter into a state where RDMA is not supported after the IDA\nhas been allocated at probe time and this would lead to a memory leak.\n\nInitialize aux_idx to an invalid value and check for a valid value when\nunloading to determine if an IDA free is necessary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47453",
"url": "https://www.suse.com/security/cve/CVE-2021-47453"
},
{
"category": "external",
"summary": "SUSE Bug 1225239 for CVE-2021-47453",
"url": "https://bugzilla.suse.com/1225239"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47453"
},
{
"cve": "CVE-2021-47454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47454"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/smp: do not decrement idle task preempt count in CPU offline\n\nWith PREEMPT_COUNT=y, when a CPU is offlined and then onlined again, we\nget:\n\nBUG: scheduling while atomic: swapper/1/0/0x00000000\nno locks held by swapper/1/0.\nCPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.15.0-rc2+ #100\nCall Trace:\n dump_stack_lvl+0xac/0x108\n __schedule_bug+0xac/0xe0\n __schedule+0xcf8/0x10d0\n schedule_idle+0x3c/0x70\n do_idle+0x2d8/0x4a0\n cpu_startup_entry+0x38/0x40\n start_secondary+0x2ec/0x3a0\n start_secondary_prolog+0x10/0x14\n\nThis is because powerpc\u0027s arch_cpu_idle_dead() decrements the idle task\u0027s\npreempt count, for reasons explained in commit a7c2bb8279d2 (\"powerpc:\nRe-enable preemption before cpu_die()\"), specifically \"start_secondary()\nexpects a preempt_count() of 0.\"\n\nHowever, since commit 2c669ef6979c (\"powerpc/preempt: Don\u0027t touch the idle\ntask\u0027s preempt_count during hotplug\") and commit f1a0a376ca0c (\"sched/core:\nInitialize the idle task with preemption disabled\"), that justification no\nlonger holds.\n\nThe idle task isn\u0027t supposed to re-enable preemption, so remove the\nvestigial preempt_enable() from the CPU offline path.\n\nTested with pseries and powernv in qemu, and pseries on PowerVM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47454",
"url": "https://www.suse.com/security/cve/CVE-2021-47454"
},
{
"category": "external",
"summary": "SUSE Bug 1225255 for CVE-2021-47454",
"url": "https://bugzilla.suse.com/1225255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47454"
},
{
"cve": "CVE-2021-47455",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47455"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Fix possible memory leak in ptp_clock_register()\n\nI got memory leak as follows when doing fault injection test:\n\nunreferenced object 0xffff88800906c618 (size 8):\n comm \"i2c-idt82p33931\", pid 4421, jiffies 4294948083 (age 13.188s)\n hex dump (first 8 bytes):\n 70 74 70 30 00 00 00 00 ptp0....\n backtrace:\n [\u003c00000000312ed458\u003e] __kmalloc_track_caller+0x19f/0x3a0\n [\u003c0000000079f6e2ff\u003e] kvasprintf+0xb5/0x150\n [\u003c0000000026aae54f\u003e] kvasprintf_const+0x60/0x190\n [\u003c00000000f323a5f7\u003e] kobject_set_name_vargs+0x56/0x150\n [\u003c000000004e35abdd\u003e] dev_set_name+0xc0/0x100\n [\u003c00000000f20cfe25\u003e] ptp_clock_register+0x9f4/0xd30 [ptp]\n [\u003c000000008bb9f0de\u003e] idt82p33_probe.cold+0x8b6/0x1561 [ptp_idt82p33]\n\nWhen posix_clock_register() returns an error, the name allocated\nin dev_set_name() will be leaked, the put_device() should be used\nto give up the device reference, then the name will be freed in\nkobject_cleanup() and other memory will be freed in ptp_clock_release().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47455",
"url": "https://www.suse.com/security/cve/CVE-2021-47455"
},
{
"category": "external",
"summary": "SUSE Bug 1225254 for CVE-2021-47455",
"url": "https://bugzilla.suse.com/1225254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47455"
},
{
"cve": "CVE-2021-47456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47456"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: peak_pci: peak_pci_remove(): fix UAF\n\nWhen remove the module peek_pci, referencing \u0027chan\u0027 again after\nreleasing \u0027dev\u0027 will cause UAF.\n\nFix this by releasing \u0027dev\u0027 later.\n\nThe following log reveals it:\n\n[ 35.961814 ] BUG: KASAN: use-after-free in peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.963414 ] Read of size 8 at addr ffff888136998ee8 by task modprobe/5537\n[ 35.965513 ] Call Trace:\n[ 35.965718 ] dump_stack_lvl+0xa8/0xd1\n[ 35.966028 ] print_address_description+0x87/0x3b0\n[ 35.966420 ] kasan_report+0x172/0x1c0\n[ 35.966725 ] ? peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.967137 ] ? trace_irq_enable_rcuidle+0x10/0x170\n[ 35.967529 ] ? peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.967945 ] __asan_report_load8_noabort+0x14/0x20\n[ 35.968346 ] peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.968752 ] pci_device_remove+0xa9/0x250",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47456",
"url": "https://www.suse.com/security/cve/CVE-2021-47456"
},
{
"category": "external",
"summary": "SUSE Bug 1225256 for CVE-2021-47456",
"url": "https://bugzilla.suse.com/1225256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47456"
},
{
"cve": "CVE-2021-47457",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47457"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: isotp: isotp_sendmsg(): add result check for wait_event_interruptible()\n\nUsing wait_event_interruptible() to wait for complete transmission,\nbut do not check the result of wait_event_interruptible() which can be\ninterrupted. It will result in TX buffer has multiple accessors and\nthe later process interferes with the previous process.\n\nFollowing is one of the problems reported by syzbot.\n\n=============================================================\nWARNING: CPU: 0 PID: 0 at net/can/isotp.c:840 isotp_tx_timer_handler+0x2e0/0x4c0\nCPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.13.0-rc7+ #68\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1 04/01/2014\nRIP: 0010:isotp_tx_timer_handler+0x2e0/0x4c0\nCall Trace:\n \u003cIRQ\u003e\n ? isotp_setsockopt+0x390/0x390\n __hrtimer_run_queues+0xb8/0x610\n hrtimer_run_softirq+0x91/0xd0\n ? rcu_read_lock_sched_held+0x4d/0x80\n __do_softirq+0xe8/0x553\n irq_exit_rcu+0xf8/0x100\n sysvec_apic_timer_interrupt+0x9e/0xc0\n \u003c/IRQ\u003e\n asm_sysvec_apic_timer_interrupt+0x12/0x20\n\nAdd result check for wait_event_interruptible() in isotp_sendmsg()\nto avoid multiple accessers for tx buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47457",
"url": "https://www.suse.com/security/cve/CVE-2021-47457"
},
{
"category": "external",
"summary": "SUSE Bug 1225235 for CVE-2021-47457",
"url": "https://bugzilla.suse.com/1225235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47457"
},
{
"cve": "CVE-2021-47458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: mount fails with buffer overflow in strlen\n\nStarting with kernel 5.11 built with CONFIG_FORTIFY_SOURCE mouting an\nocfs2 filesystem with either o2cb or pcmk cluster stack fails with the\ntrace below. Problem seems to be that strings for cluster stack and\ncluster name are not guaranteed to be null terminated in the disk\nrepresentation, while strlcpy assumes that the source string is always\nnull terminated. This causes a read outside of the source string\ntriggering the buffer overflow detection.\n\n detected buffer overflow in strlen\n ------------[ cut here ]------------\n kernel BUG at lib/string.c:1149!\n invalid opcode: 0000 [#1] SMP PTI\n CPU: 1 PID: 910 Comm: mount.ocfs2 Not tainted 5.14.0-1-amd64 #1\n Debian 5.14.6-2\n RIP: 0010:fortify_panic+0xf/0x11\n ...\n Call Trace:\n ocfs2_initialize_super.isra.0.cold+0xc/0x18 [ocfs2]\n ocfs2_fill_super+0x359/0x19b0 [ocfs2]\n mount_bdev+0x185/0x1b0\n legacy_get_tree+0x27/0x40\n vfs_get_tree+0x25/0xb0\n path_mount+0x454/0xa20\n __x64_sys_mount+0x103/0x140\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47458",
"url": "https://www.suse.com/security/cve/CVE-2021-47458"
},
{
"category": "external",
"summary": "SUSE Bug 1225252 for CVE-2021-47458",
"url": "https://bugzilla.suse.com/1225252"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47458"
},
{
"cve": "CVE-2021-47459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47459"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv\n\nIt will trigger UAF for rx_kref of j1939_priv as following.\n\n cpu0 cpu1\nj1939_sk_bind(socket0, ndev0, ...)\nj1939_netdev_start\n j1939_sk_bind(socket1, ndev0, ...)\n j1939_netdev_start\nj1939_priv_set\n j1939_priv_get_by_ndev_locked\nj1939_jsk_add\n.....\nj1939_netdev_stop\nkref_put_lock(\u0026priv-\u003erx_kref, ...)\n kref_get(\u0026priv-\u003erx_kref, ...)\n REFCOUNT_WARN(\"addition on 0;...\")\n\n====================================================\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 1 PID: 20874 at lib/refcount.c:25 refcount_warn_saturate+0x169/0x1e0\nRIP: 0010:refcount_warn_saturate+0x169/0x1e0\nCall Trace:\n j1939_netdev_start+0x68b/0x920\n j1939_sk_bind+0x426/0xeb0\n ? security_socket_bind+0x83/0xb0\n\nThe rx_kref\u0027s kref_get() and kref_put() should use j1939_netdev_lock to\nprotect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47459",
"url": "https://www.suse.com/security/cve/CVE-2021-47459"
},
{
"category": "external",
"summary": "SUSE Bug 1225253 for CVE-2021-47459",
"url": "https://bugzilla.suse.com/1225253"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47459"
},
{
"cve": "CVE-2021-47460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47460"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix data corruption after conversion from inline format\n\nCommit 6dbf7bb55598 (\"fs: Don\u0027t invalidate page buffers in\nblock_write_full_page()\") uncovered a latent bug in ocfs2 conversion\nfrom inline inode format to a normal inode format.\n\nThe code in ocfs2_convert_inline_data_to_extents() attempts to zero out\nthe whole cluster allocated for file data by grabbing, zeroing, and\ndirtying all pages covering this cluster. However these pages are\nbeyond i_size, thus writeback code generally ignores these dirty pages\nand no blocks were ever actually zeroed on the disk.\n\nThis oversight was fixed by commit 693c241a5f6a (\"ocfs2: No need to zero\npages past i_size.\") for standard ocfs2 write path, inline conversion\npath was apparently forgotten; the commit log also has a reasoning why\nthe zeroing actually is not needed.\n\nAfter commit 6dbf7bb55598, things became worse as writeback code stopped\ninvalidating buffers on pages beyond i_size and thus these pages end up\nwith clean PageDirty bit but with buffers attached to these pages being\nstill dirty. So when a file is converted from inline format, then\nwriteback triggers, and then the file is grown so that these pages\nbecome valid, the invalid dirtiness state is preserved,\nmark_buffer_dirty() does nothing on these pages (buffers are already\ndirty) but page is never written back because it is clean. So data\nwritten to these pages is lost once pages are reclaimed.\n\nSimple reproducer for the problem is:\n\n xfs_io -f -c \"pwrite 0 2000\" -c \"pwrite 2000 2000\" -c \"fsync\" \\\n -c \"pwrite 4000 2000\" ocfs2_file\n\nAfter unmounting and mounting the fs again, you can observe that end of\n\u0027ocfs2_file\u0027 has lost its contents.\n\nFix the problem by not doing the pointless zeroing during conversion\nfrom inline format similarly as in the standard write path.\n\n[akpm@linux-foundation.org: fix whitespace, per Joseph]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47460",
"url": "https://www.suse.com/security/cve/CVE-2021-47460"
},
{
"category": "external",
"summary": "SUSE Bug 1225251 for CVE-2021-47460",
"url": "https://bugzilla.suse.com/1225251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47460"
},
{
"cve": "CVE-2021-47461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47461"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuserfaultfd: fix a race between writeprotect and exit_mmap()\n\nA race is possible when a process exits, its VMAs are removed by\nexit_mmap() and at the same time userfaultfd_writeprotect() is called.\n\nThe race was detected by KASAN on a development kernel, but it appears\nto be possible on vanilla kernels as well.\n\nUse mmget_not_zero() to prevent the race as done in other userfaultfd\noperations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47461",
"url": "https://www.suse.com/security/cve/CVE-2021-47461"
},
{
"category": "external",
"summary": "SUSE Bug 1225249 for CVE-2021-47461",
"url": "https://bugzilla.suse.com/1225249"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47461"
},
{
"cve": "CVE-2021-47462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47462"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING | MPOL_LOCAL in mbind()\n\nsyzbot reported access to unitialized memory in mbind() [1]\n\nIssue came with commit bda420b98505 (\"numa balancing: migrate on fault\namong multiple bound nodes\")\n\nThis commit added a new bit in MPOL_MODE_FLAGS, but only checked valid\ncombination (MPOL_F_NUMA_BALANCING can only be used with MPOL_BIND) in\ndo_set_mempolicy()\n\nThis patch moves the check in sanitize_mpol_flags() so that it is also\nused by mbind()\n\n [1]\n BUG: KMSAN: uninit-value in __mpol_equal+0x567/0x590 mm/mempolicy.c:2260\n __mpol_equal+0x567/0x590 mm/mempolicy.c:2260\n mpol_equal include/linux/mempolicy.h:105 [inline]\n vma_merge+0x4a1/0x1e60 mm/mmap.c:1190\n mbind_range+0xcc8/0x1e80 mm/mempolicy.c:811\n do_mbind+0xf42/0x15f0 mm/mempolicy.c:1333\n kernel_mbind mm/mempolicy.c:1483 [inline]\n __do_sys_mbind mm/mempolicy.c:1490 [inline]\n __se_sys_mbind+0x437/0xb80 mm/mempolicy.c:1486\n __x64_sys_mbind+0x19d/0x200 mm/mempolicy.c:1486\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\n Uninit was created at:\n slab_alloc_node mm/slub.c:3221 [inline]\n slab_alloc mm/slub.c:3230 [inline]\n kmem_cache_alloc+0x751/0xff0 mm/slub.c:3235\n mpol_new mm/mempolicy.c:293 [inline]\n do_mbind+0x912/0x15f0 mm/mempolicy.c:1289\n kernel_mbind mm/mempolicy.c:1483 [inline]\n __do_sys_mbind mm/mempolicy.c:1490 [inline]\n __se_sys_mbind+0x437/0xb80 mm/mempolicy.c:1486\n __x64_sys_mbind+0x19d/0x200 mm/mempolicy.c:1486\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n =====================================================\n Kernel panic - not syncing: panic_on_kmsan set ...\n CPU: 0 PID: 15049 Comm: syz-executor.0 Tainted: G B 5.15.0-rc2-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\n Call Trace:\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1ff/0x28e lib/dump_stack.c:106\n dump_stack+0x25/0x28 lib/dump_stack.c:113\n panic+0x44f/0xdeb kernel/panic.c:232\n kmsan_report+0x2ee/0x300 mm/kmsan/report.c:186\n __msan_warning+0xd7/0x150 mm/kmsan/instrumentation.c:208\n __mpol_equal+0x567/0x590 mm/mempolicy.c:2260\n mpol_equal include/linux/mempolicy.h:105 [inline]\n vma_merge+0x4a1/0x1e60 mm/mmap.c:1190\n mbind_range+0xcc8/0x1e80 mm/mempolicy.c:811\n do_mbind+0xf42/0x15f0 mm/mempolicy.c:1333\n kernel_mbind mm/mempolicy.c:1483 [inline]\n __do_sys_mbind mm/mempolicy.c:1490 [inline]\n __se_sys_mbind+0x437/0xb80 mm/mempolicy.c:1486\n __x64_sys_mbind+0x19d/0x200 mm/mempolicy.c:1486\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47462",
"url": "https://www.suse.com/security/cve/CVE-2021-47462"
},
{
"category": "external",
"summary": "SUSE Bug 1225250 for CVE-2021-47462",
"url": "https://bugzilla.suse.com/1225250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47462"
},
{
"cve": "CVE-2021-47463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47463"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/secretmem: fix NULL page-\u003emapping dereference in page_is_secretmem()\n\nCheck for a NULL page-\u003emapping before dereferencing the mapping in\npage_is_secretmem(), as the page\u0027s mapping can be nullified while gup()\nis running, e.g. by reclaim or truncation.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000068\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 6 PID: 4173897 Comm: CPU 3/KVM Tainted: G W\n RIP: 0010:internal_get_user_pages_fast+0x621/0x9d0\n Code: \u003c48\u003e 81 7a 68 80 08 04 bc 0f 85 21 ff ff 8 89 c7 be\n RSP: 0018:ffffaa90087679b0 EFLAGS: 00010046\n RAX: ffffe3f37905b900 RBX: 00007f2dd561e000 RCX: ffffe3f37905b934\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffe3f37905b900\n ...\n CR2: 0000000000000068 CR3: 00000004c5898003 CR4: 00000000001726e0\n Call Trace:\n get_user_pages_fast_only+0x13/0x20\n hva_to_pfn+0xa9/0x3e0\n try_async_pf+0xa1/0x270\n direct_page_fault+0x113/0xad0\n kvm_mmu_page_fault+0x69/0x680\n vmx_handle_exit+0xe1/0x5d0\n kvm_arch_vcpu_ioctl_run+0xd81/0x1c70\n kvm_vcpu_ioctl+0x267/0x670\n __x64_sys_ioctl+0x83/0xa0\n do_syscall_64+0x56/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47463",
"url": "https://www.suse.com/security/cve/CVE-2021-47463"
},
{
"category": "external",
"summary": "SUSE Bug 1225127 for CVE-2021-47463",
"url": "https://bugzilla.suse.com/1225127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47463"
},
{
"cve": "CVE-2021-47464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naudit: fix possible null-pointer dereference in audit_filter_rules\n\nFix possible null-pointer dereference in audit_filter_rules.\n\naudit_filter_rules() error: we previously assumed \u0027ctx\u0027 could be null",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47464",
"url": "https://www.suse.com/security/cve/CVE-2021-47464"
},
{
"category": "external",
"summary": "SUSE Bug 1225393 for CVE-2021-47464",
"url": "https://bugzilla.suse.com/1225393"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47464"
},
{
"cve": "CVE-2021-47465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47465"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()\n\nIn commit 10d91611f426 (\"powerpc/64s: Reimplement book3s idle code in\nC\") kvm_start_guest() became idle_kvm_start_guest(). The old code\nallocated a stack frame on the emergency stack, but didn\u0027t use the\nframe to store anything, and also didn\u0027t store anything in its caller\u0027s\nframe.\n\nidle_kvm_start_guest() on the other hand is written more like a normal C\nfunction, it creates a frame on entry, and also stores CR/LR into its\ncallers frame (per the ABI). The problem is that there is no caller\nframe on the emergency stack.\n\nThe emergency stack for a given CPU is allocated with:\n\n paca_ptrs[i]-\u003eemergency_sp = alloc_stack(limit, i) + THREAD_SIZE;\n\nSo emergency_sp actually points to the first address above the emergency\nstack allocation for a given CPU, we must not store above it without\nfirst decrementing it to create a frame. This is different to the\nregular kernel stack, paca-\u003ekstack, which is initialised to point at an\ninitial frame that is ready to use.\n\nidle_kvm_start_guest() stores the backchain, CR and LR all of which\nwrite outside the allocation for the emergency stack. It then creates a\nstack frame and saves the non-volatile registers. Unfortunately the\nframe it creates is not large enough to fit the non-volatiles, and so\nthe saving of the non-volatile registers also writes outside the\nemergency stack allocation.\n\nThe end result is that we corrupt whatever is at 0-24 bytes, and 112-248\nbytes above the emergency stack allocation.\n\nIn practice this has gone unnoticed because the memory immediately above\nthe emergency stack happens to be used for other stack allocations,\neither another CPUs mc_emergency_sp or an IRQ stack. See the order of\ncalls to irqstack_early_init() and emergency_stack_init().\n\nThe low addresses of another stack are the top of that stack, and so are\nonly used if that stack is under extreme pressue, which essentially\nnever happens in practice - and if it did there\u0027s a high likelyhood we\u0027d\ncrash due to that stack overflowing.\n\nStill, we shouldn\u0027t be corrupting someone else\u0027s stack, and it is purely\nluck that we aren\u0027t corrupting something else.\n\nTo fix it we save CR/LR into the caller\u0027s frame using the existing r1 on\nentry, we then create a SWITCH_FRAME_SIZE frame (which has space for\npt_regs) on the emergency stack with the backchain pointing to the\nexisting stack, and then finally we switch to the new frame on the\nemergency stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47465",
"url": "https://www.suse.com/security/cve/CVE-2021-47465"
},
{
"category": "external",
"summary": "SUSE Bug 1225341 for CVE-2021-47465",
"url": "https://bugzilla.suse.com/1225341"
},
{
"category": "external",
"summary": "SUSE Bug 1227904 for CVE-2021-47465",
"url": "https://bugzilla.suse.com/1227904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47465"
},
{
"cve": "CVE-2021-47466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47466"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, slub: fix potential memoryleak in kmem_cache_open()\n\nIn error path, the random_seq of slub cache might be leaked. Fix this\nby using __kmem_cache_release() to release all the relevant resources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47466",
"url": "https://www.suse.com/security/cve/CVE-2021-47466"
},
{
"category": "external",
"summary": "SUSE Bug 1225342 for CVE-2021-47466",
"url": "https://bugzilla.suse.com/1225342"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47466"
},
{
"cve": "CVE-2021-47467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47467"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkunit: fix reference count leak in kfree_at_end\n\nThe reference counting issue happens in the normal path of\nkfree_at_end(). When kunit_alloc_and_get_resource() is invoked, the\nfunction forgets to handle the returned resource object, whose refcount\nincreased inside, causing a refcount leak.\n\nFix this issue by calling kunit_alloc_resource() instead of\nkunit_alloc_and_get_resource().\n\nFixed the following when applying:\nShuah Khan \u003cskhan@linuxfoundation.org\u003e\n\nCHECK: Alignment should match open parenthesis\n+\tkunit_alloc_resource(test, NULL, kfree_res_free, GFP_KERNEL,\n \t\t\t\t (void *)to_free);",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47467",
"url": "https://www.suse.com/security/cve/CVE-2021-47467"
},
{
"category": "external",
"summary": "SUSE Bug 1225344 for CVE-2021-47467",
"url": "https://bugzilla.suse.com/1225344"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "not set"
}
],
"title": "CVE-2021-47467"
},
{
"cve": "CVE-2021-47468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47468"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: mISDN: Fix sleeping function called from invalid context\n\nThe driver can call card-\u003eisac.release() function from an atomic\ncontext.\n\nFix this by calling this function after releasing the lock.\n\nThe following log reveals it:\n\n[ 44.168226 ] BUG: sleeping function called from invalid context at kernel/workqueue.c:3018\n[ 44.168941 ] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5475, name: modprobe\n[ 44.169574 ] INFO: lockdep is turned off.\n[ 44.169899 ] irq event stamp: 0\n[ 44.170160 ] hardirqs last enabled at (0): [\u003c0000000000000000\u003e] 0x0\n[ 44.170627 ] hardirqs last disabled at (0): [\u003cffffffff814209ed\u003e] copy_process+0x132d/0x3e00\n[ 44.171240 ] softirqs last enabled at (0): [\u003cffffffff81420a1a\u003e] copy_process+0x135a/0x3e00\n[ 44.171852 ] softirqs last disabled at (0): [\u003c0000000000000000\u003e] 0x0\n[ 44.172318 ] Preemption disabled at:\n[ 44.172320 ] [\u003cffffffffa009b0a9\u003e] nj_release+0x69/0x500 [netjet]\n[ 44.174441 ] Call Trace:\n[ 44.174630 ] dump_stack_lvl+0xa8/0xd1\n[ 44.174912 ] dump_stack+0x15/0x17\n[ 44.175166 ] ___might_sleep+0x3a2/0x510\n[ 44.175459 ] ? nj_release+0x69/0x500 [netjet]\n[ 44.175791 ] __might_sleep+0x82/0xe0\n[ 44.176063 ] ? start_flush_work+0x20/0x7b0\n[ 44.176375 ] start_flush_work+0x33/0x7b0\n[ 44.176672 ] ? trace_irq_enable_rcuidle+0x85/0x170\n[ 44.177034 ] ? kasan_quarantine_put+0xaa/0x1f0\n[ 44.177372 ] ? kasan_quarantine_put+0xaa/0x1f0\n[ 44.177711 ] __flush_work+0x11a/0x1a0\n[ 44.177991 ] ? flush_work+0x20/0x20\n[ 44.178257 ] ? lock_release+0x13c/0x8f0\n[ 44.178550 ] ? __kasan_check_write+0x14/0x20\n[ 44.178872 ] ? do_raw_spin_lock+0x148/0x360\n[ 44.179187 ] ? read_lock_is_recursive+0x20/0x20\n[ 44.179530 ] ? __kasan_check_read+0x11/0x20\n[ 44.179846 ] ? do_raw_spin_unlock+0x55/0x900\n[ 44.180168 ] ? ____kasan_slab_free+0x116/0x140\n[ 44.180505 ] ? _raw_spin_unlock_irqrestore+0x41/0x60\n[ 44.180878 ] ? skb_queue_purge+0x1a3/0x1c0\n[ 44.181189 ] ? kfree+0x13e/0x290\n[ 44.181438 ] flush_work+0x17/0x20\n[ 44.181695 ] mISDN_freedchannel+0xe8/0x100\n[ 44.182006 ] isac_release+0x210/0x260 [mISDNipac]\n[ 44.182366 ] nj_release+0xf6/0x500 [netjet]\n[ 44.182685 ] nj_remove+0x48/0x70 [netjet]\n[ 44.182989 ] pci_device_remove+0xa9/0x250",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47468",
"url": "https://www.suse.com/security/cve/CVE-2021-47468"
},
{
"category": "external",
"summary": "SUSE Bug 1225346 for CVE-2021-47468",
"url": "https://bugzilla.suse.com/1225346"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47468"
},
{
"cve": "CVE-2021-47469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47469"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47469",
"url": "https://www.suse.com/security/cve/CVE-2021-47469"
},
{
"category": "external",
"summary": "SUSE Bug 1225347 for CVE-2021-47469",
"url": "https://bugzilla.suse.com/1225347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47469"
},
{
"cve": "CVE-2021-47470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47470"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, slub: fix potential use-after-free in slab_debugfs_fops\n\nWhen sysfs_slab_add failed, we shouldn\u0027t call debugfs_slab_add() for s\nbecause s will be freed soon. And slab_debugfs_fops will use s later\nleading to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47470",
"url": "https://www.suse.com/security/cve/CVE-2021-47470"
},
{
"category": "external",
"summary": "SUSE Bug 1225186 for CVE-2021-47470",
"url": "https://bugzilla.suse.com/1225186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47470"
},
{
"cve": "CVE-2021-47471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47471"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: mxsfb: Fix NULL pointer dereference crash on unload\n\nThe mxsfb-\u003ecrtc.funcs may already be NULL when unloading the driver,\nin which case calling mxsfb_irq_disable() via drm_irq_uninstall() from\nmxsfb_unload() leads to NULL pointer dereference.\n\nSince all we care about is masking the IRQ and mxsfb-\u003ebase is still\nvalid, just use that to clear and mask the IRQ.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47471",
"url": "https://www.suse.com/security/cve/CVE-2021-47471"
},
{
"category": "external",
"summary": "SUSE Bug 1225187 for CVE-2021-47471",
"url": "https://bugzilla.suse.com/1225187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47471"
},
{
"cve": "CVE-2021-47472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47472"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47472",
"url": "https://www.suse.com/security/cve/CVE-2021-47472"
},
{
"category": "external",
"summary": "SUSE Bug 1225189 for CVE-2021-47472",
"url": "https://bugzilla.suse.com/1225189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2021-47472"
},
{
"cve": "CVE-2021-47473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47473"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()\n\nCommit 8c0eb596baa5 (\"[SCSI] qla2xxx: Fix a memory leak in an error path of\nqla2x00_process_els()\"), intended to change:\n\n bsg_job-\u003erequest-\u003emsgcode == FC_BSG_HST_ELS_NOLOGIN\n\n\n bsg_job-\u003erequest-\u003emsgcode != FC_BSG_RPT_ELS\n\nbut changed it to:\n\n bsg_job-\u003erequest-\u003emsgcode == FC_BSG_RPT_ELS\n\ninstead.\n\nChange the == to a != to avoid leaking the fcport structure or freeing\nunallocated memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47473",
"url": "https://www.suse.com/security/cve/CVE-2021-47473"
},
{
"category": "external",
"summary": "SUSE Bug 1225192 for CVE-2021-47473",
"url": "https://bugzilla.suse.com/1225192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2021-47473"
},
{
"cve": "CVE-2021-47474",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47474"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: vmk80xx: fix bulk-buffer overflow\n\nThe driver is using endpoint-sized buffers but must not assume that the\ntx and rx buffers are of equal size or a malicious device could overflow\nthe slab-allocated receive buffer when doing bulk transfers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47474",
"url": "https://www.suse.com/security/cve/CVE-2021-47474"
},
{
"category": "external",
"summary": "SUSE Bug 1224915 for CVE-2021-47474",
"url": "https://bugzilla.suse.com/1224915"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47474"
},
{
"cve": "CVE-2021-47475",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47475"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: vmk80xx: fix transfer-buffer overflows\n\nThe driver uses endpoint-sized USB transfer buffers but up until\nrecently had no sanity checks on the sizes.\n\nCommit e1f13c879a7c (\"staging: comedi: check validity of wMaxPacketSize\nof usb endpoints found\") inadvertently fixed NULL-pointer dereferences\nwhen accessing the transfer buffers in case a malicious device has a\nzero wMaxPacketSize.\n\nMake sure to allocate buffers large enough to handle also the other\naccesses that are done without a size check (e.g. byte 18 in\nvmk80xx_cnt_insn_read() for the VMK8061_MODEL) to avoid writing beyond\nthe buffers, for example, when doing descriptor fuzzing.\n\nThe original driver was for a low-speed device with 8-byte buffers.\nSupport was later added for a device that uses bulk transfers and is\npresumably a full-speed device with a maximum 64-byte wMaxPacketSize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47475",
"url": "https://www.suse.com/security/cve/CVE-2021-47475"
},
{
"category": "external",
"summary": "SUSE Bug 1224914 for CVE-2021-47475",
"url": "https://bugzilla.suse.com/1224914"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47475"
},
{
"cve": "CVE-2021-47476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47476"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: ni_usb6501: fix NULL-deref in command paths\n\nThe driver uses endpoint-sized USB transfer buffers but had no sanity\nchecks on the sizes. This can lead to zero-size-pointer dereferences or\noverflowed transfer buffers in ni6501_port_command() and\nni6501_counter_command() if a (malicious) device has smaller max-packet\nsizes than expected (or when doing descriptor fuzz testing).\n\nAdd the missing sanity checks to probe().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47476",
"url": "https://www.suse.com/security/cve/CVE-2021-47476"
},
{
"category": "external",
"summary": "SUSE Bug 1224913 for CVE-2021-47476",
"url": "https://bugzilla.suse.com/1224913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47476"
},
{
"cve": "CVE-2021-47477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47477"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: dt9812: fix DMA buffers on stack\n\nUSB transfer buffers are typically mapped for DMA and must not be\nallocated on the stack or transfers will fail.\n\nAllocate proper transfer buffers in the various command helpers and\nreturn an error on short transfers instead of acting on random stack\ndata.\n\nNote that this also fixes a stack info leak on systems where DMA is not\nused as 32 bytes are always sent to the device regardless of how short\nthe command is.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47477",
"url": "https://www.suse.com/security/cve/CVE-2021-47477"
},
{
"category": "external",
"summary": "SUSE Bug 1224912 for CVE-2021-47477",
"url": "https://bugzilla.suse.com/1224912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47477"
},
{
"cve": "CVE-2021-47478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47478"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Fix out of bound access for corrupted isofs image\n\nWhen isofs image is suitably corrupted isofs_read_inode() can read data\nbeyond the end of buffer. Sanity-check the directory entry length before\nusing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47478",
"url": "https://www.suse.com/security/cve/CVE-2021-47478"
},
{
"category": "external",
"summary": "SUSE Bug 1225198 for CVE-2021-47478",
"url": "https://bugzilla.suse.com/1225198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47478"
},
{
"cve": "CVE-2021-47479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47479"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8712: fix use-after-free in rtl8712_dl_fw\n\nSyzbot reported use-after-free in rtl8712_dl_fw(). The problem was in\nrace condition between r871xu_dev_remove() -\u003endo_open() callback.\n\nIt\u0027s easy to see from crash log, that driver accesses released firmware\nin -\u003endo_open() callback. It may happen, since driver was releasing\nfirmware _before_ unregistering netdev. Fix it by moving\nunregister_netdev() before cleaning up resources.\n\nCall Trace:\n...\n rtl871x_open_fw drivers/staging/rtl8712/hal_init.c:83 [inline]\n rtl8712_dl_fw+0xd95/0xe10 drivers/staging/rtl8712/hal_init.c:170\n rtl8712_hal_init drivers/staging/rtl8712/hal_init.c:330 [inline]\n rtl871x_hal_init+0xae/0x180 drivers/staging/rtl8712/hal_init.c:394\n netdev_open+0xe6/0x6c0 drivers/staging/rtl8712/os_intfs.c:380\n __dev_open+0x2bc/0x4d0 net/core/dev.c:1484\n\nFreed by task 1306:\n...\n release_firmware+0x1b/0x30 drivers/base/firmware_loader/main.c:1053\n r871xu_dev_remove+0xcc/0x2c0 drivers/staging/rtl8712/usb_intf.c:599\n usb_unbind_interface+0x1d8/0x8d0 drivers/usb/core/driver.c:458",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47479",
"url": "https://www.suse.com/security/cve/CVE-2021-47479"
},
{
"category": "external",
"summary": "SUSE Bug 1224911 for CVE-2021-47479",
"url": "https://bugzilla.suse.com/1224911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47479"
},
{
"cve": "CVE-2021-47480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47480"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Put LLD module refcnt after SCSI device is released\n\nSCSI host release is triggered when SCSI device is freed. We have to make\nsure that the low-level device driver module won\u0027t be unloaded before SCSI\nhost instance is released because shost-\u003ehostt is required in the release\nhandler.\n\nMake sure to put LLD module refcnt after SCSI device is released.\n\nFixes a kernel panic of \u0027BUG: unable to handle page fault for address\u0027\nreported by Changhui and Yi.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47480",
"url": "https://www.suse.com/security/cve/CVE-2021-47480"
},
{
"category": "external",
"summary": "SUSE Bug 1225322 for CVE-2021-47480",
"url": "https://bugzilla.suse.com/1225322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47480"
},
{
"cve": "CVE-2021-47481",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47481"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Initialize the ODP xarray when creating an ODP MR\n\nNormally the zero fill would hide the missing initialization, but an\nerrant set to desc_size in reg_create() causes a crash:\n\n BUG: unable to handle page fault for address: 0000000800000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP PTI\n CPU: 5 PID: 890 Comm: ib_write_bw Not tainted 5.15.0-rc4+ #47\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:mlx5_ib_dereg_mr+0x14/0x3b0 [mlx5_ib]\n Code: 48 63 cd 4c 89 f7 48 89 0c 24 e8 37 30 03 e1 48 8b 0c 24 eb a0 90 0f 1f 44 00 00 41 56 41 55 41 54 55 53 48 89 fb 48 83 ec 30 \u003c48\u003e 8b 2f 65 48 8b 04 25 28 00 00 00 48 89 44 24 28 31 c0 8b 87 c8\n RSP: 0018:ffff88811afa3a60 EFLAGS: 00010286\n RAX: 000000000000001c RBX: 0000000800000000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000800000000\n RBP: 0000000800000000 R08: 0000000000000000 R09: c0000000fffff7ff\n R10: ffff88811afa38f8 R11: ffff88811afa38f0 R12: ffffffffa02c7ac0\n R13: 0000000000000000 R14: ffff88811afa3cd8 R15: ffff88810772fa00\n FS: 00007f47b9080740(0000) GS:ffff88852cd40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000800000000 CR3: 000000010761e003 CR4: 0000000000370ea0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n mlx5_ib_free_odp_mr+0x95/0xc0 [mlx5_ib]\n mlx5_ib_dereg_mr+0x128/0x3b0 [mlx5_ib]\n ib_dereg_mr_user+0x45/0xb0 [ib_core]\n ? xas_load+0x8/0x80\n destroy_hw_idr_uobject+0x1a/0x50 [ib_uverbs]\n uverbs_destroy_uobject+0x2f/0x150 [ib_uverbs]\n uobj_destroy+0x3c/0x70 [ib_uverbs]\n ib_uverbs_cmd_verbs+0x467/0xb00 [ib_uverbs]\n ? uverbs_finalize_object+0x60/0x60 [ib_uverbs]\n ? ttwu_queue_wakelist+0xa9/0xe0\n ? pty_write+0x85/0x90\n ? file_tty_write.isra.33+0x214/0x330\n ? process_echoes+0x60/0x60\n ib_uverbs_ioctl+0xa7/0x110 [ib_uverbs]\n __x64_sys_ioctl+0x10d/0x8e0\n ? vfs_write+0x17f/0x260\n do_syscall_64+0x3c/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nAdd the missing xarray initialization and remove the desc_size set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47481",
"url": "https://www.suse.com/security/cve/CVE-2021-47481"
},
{
"category": "external",
"summary": "SUSE Bug 1224910 for CVE-2021-47481",
"url": "https://bugzilla.suse.com/1224910"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47481"
},
{
"cve": "CVE-2021-47482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47482"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: batman-adv: fix error handling\n\nSyzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was\nin wrong error handling in batadv_mesh_init().\n\nBefore this patch batadv_mesh_init() was calling batadv_mesh_free() in case\nof any batadv_*_init() calls failure. This approach may work well, when\nthere is some kind of indicator, which can tell which parts of batadv are\ninitialized; but there isn\u0027t any.\n\nAll written above lead to cleaning up uninitialized fields. Even if we hide\nODEBUG warning by initializing bat_priv-\u003enc.work, syzbot was able to hit\nGPF in batadv_nc_purge_paths(), because hash pointer in still NULL. [1]\n\nTo fix these bugs we can unwind batadv_*_init() calls one by one.\nIt is good approach for 2 reasons: 1) It fixes bugs on error handling\npath 2) It improves the performance, since we won\u0027t call unneeded\nbatadv_*_free() functions.\n\nSo, this patch makes all batadv_*_init() clean up all allocated memory\nbefore returning with an error to no call correspoing batadv_*_free()\nand open-codes batadv_mesh_free() with proper order to avoid touching\nuninitialized fields.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47482",
"url": "https://www.suse.com/security/cve/CVE-2021-47482"
},
{
"category": "external",
"summary": "SUSE Bug 1224909 for CVE-2021-47482",
"url": "https://bugzilla.suse.com/1224909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2021-47482"
},
{
"cve": "CVE-2021-47483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47483"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregmap: Fix possible double-free in regcache_rbtree_exit()\n\nIn regcache_rbtree_insert_to_block(), when \u0027present\u0027 realloc failed,\nthe \u0027blk\u0027 which is supposed to assign to \u0027rbnode-\u003eblock\u0027 will be freed,\nso \u0027rbnode-\u003eblock\u0027 points a freed memory, in the error handling path of\nregcache_rbtree_init(), \u0027rbnode-\u003eblock\u0027 will be freed again in\nregcache_rbtree_exit(), KASAN will report double-free as follows:\n\nBUG: KASAN: double-free or invalid-free in kfree+0xce/0x390\nCall Trace:\n slab_free_freelist_hook+0x10d/0x240\n kfree+0xce/0x390\n regcache_rbtree_exit+0x15d/0x1a0\n regcache_rbtree_init+0x224/0x2c0\n regcache_init+0x88d/0x1310\n __regmap_init+0x3151/0x4a80\n __devm_regmap_init+0x7d/0x100\n madera_spi_probe+0x10f/0x333 [madera_spi]\n spi_probe+0x183/0x210\n really_probe+0x285/0xc30\n\nTo fix this, moving up the assignment of rbnode-\u003eblock to immediately after\nthe reallocation has succeeded so that the data structure stays valid even\nif the second reallocation fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47483",
"url": "https://www.suse.com/security/cve/CVE-2021-47483"
},
{
"category": "external",
"summary": "SUSE Bug 1224907 for CVE-2021-47483",
"url": "https://bugzilla.suse.com/1224907"
},
{
"category": "external",
"summary": "SUSE Bug 1224908 for CVE-2021-47483",
"url": "https://bugzilla.suse.com/1224908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47483"
},
{
"cve": "CVE-2021-47484",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47484"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Fix possible null pointer dereference.\n\nThis patch fixes possible null pointer dereference in files\n\"rvu_debugfs.c\" and \"rvu_nix.c\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47484",
"url": "https://www.suse.com/security/cve/CVE-2021-47484"
},
{
"category": "external",
"summary": "SUSE Bug 1224905 for CVE-2021-47484",
"url": "https://bugzilla.suse.com/1224905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47484"
},
{
"cve": "CVE-2021-47485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47485"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields\n\nOverflowing either addrlimit or bytes_togo can allow userspace to trigger\na buffer overflow of kernel memory. Check for overflows in all the places\ndoing math on user controlled buffers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47485",
"url": "https://www.suse.com/security/cve/CVE-2021-47485"
},
{
"category": "external",
"summary": "SUSE Bug 1224904 for CVE-2021-47485",
"url": "https://bugzilla.suse.com/1224904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47485"
},
{
"cve": "CVE-2021-47486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47486"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv, bpf: Fix potential NULL dereference\n\nThe bpf_jit_binary_free() function requires a non-NULL argument. When\nthe RISC-V BPF JIT fails to converge in NR_JIT_ITERATIONS steps,\njit_data-\u003eheader will be NULL, which triggers a NULL\ndereference. Avoid this by checking the argument, prior calling the\nfunction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47486",
"url": "https://www.suse.com/security/cve/CVE-2021-47486"
},
{
"category": "external",
"summary": "SUSE Bug 1224903 for CVE-2021-47486",
"url": "https://bugzilla.suse.com/1224903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47486"
},
{
"cve": "CVE-2021-47488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47488"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47488",
"url": "https://www.suse.com/security/cve/CVE-2021-47488"
},
{
"category": "external",
"summary": "SUSE Bug 1224902 for CVE-2021-47488",
"url": "https://bugzilla.suse.com/1224902"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47488"
},
{
"cve": "CVE-2021-47489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47489"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix even more out of bound writes from debugfs\n\nCVE-2021-42327 was fixed by:\n\ncommit f23750b5b3d98653b31d4469592935ef6364ad67\nAuthor: Thelford Williams \u003ctdwilliamsiv@gmail.com\u003e\nDate: Wed Oct 13 16:04:13 2021 -0400\n\n drm/amdgpu: fix out of bounds write\n\nbut amdgpu_dm_debugfs.c contains more of the same issue so fix the\nremaining ones.\n\nv2:\n\t* Add missing fix in dp_max_bpc_write (Harry Wentland)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47489",
"url": "https://www.suse.com/security/cve/CVE-2021-47489"
},
{
"category": "external",
"summary": "SUSE Bug 1224901 for CVE-2021-47489",
"url": "https://bugzilla.suse.com/1224901"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47489"
},
{
"cve": "CVE-2021-47490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: fix memleak in ttm_transfered_destroy\n\nWe need to cleanup the fences for ghost objects as well.\n\nBug: https://bugzilla.kernel.org/show_bug.cgi?id=214029\nBug: https://bugzilla.kernel.org/show_bug.cgi?id=214447",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47490",
"url": "https://www.suse.com/security/cve/CVE-2021-47490"
},
{
"category": "external",
"summary": "SUSE Bug 1225436 for CVE-2021-47490",
"url": "https://bugzilla.suse.com/1225436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47490"
},
{
"cve": "CVE-2021-47491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: khugepaged: skip huge page collapse for special files\n\nThe read-only THP for filesystems will collapse THP for files opened\nreadonly and mapped with VM_EXEC. The intended usecase is to avoid TLB\nmisses for large text segments. But it doesn\u0027t restrict the file types\nso a THP could be collapsed for a non-regular file, for example, block\ndevice, if it is opened readonly and mapped with EXEC permission. This\nmay cause bugs, like [1] and [2].\n\nThis is definitely not the intended usecase, so just collapse THP for\nregular files in order to close the attack surface.\n\n[shy828301@gmail.com: fix vm_file check [3]]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47491",
"url": "https://www.suse.com/security/cve/CVE-2021-47491"
},
{
"category": "external",
"summary": "SUSE Bug 1224900 for CVE-2021-47491",
"url": "https://bugzilla.suse.com/1224900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47491"
},
{
"cve": "CVE-2021-47492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47492"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, thp: bail out early in collapse_file for writeback page\n\nCurrently collapse_file does not explicitly check PG_writeback, instead,\npage_has_private and try_to_release_page are used to filter writeback\npages. This does not work for xfs with blocksize equal to or larger\nthan pagesize, because in such case xfs has no page-\u003eprivate.\n\nThis makes collapse_file bail out early for writeback page. Otherwise,\nxfs end_page_writeback will panic as follows.\n\n page:fffffe00201bcc80 refcount:0 mapcount:0 mapping:ffff0003f88c86a8 index:0x0 pfn:0x84ef32\n aops:xfs_address_space_operations [xfs] ino:30000b7 dentry name:\"libtest.so\"\n flags: 0x57fffe0000008027(locked|referenced|uptodate|active|writeback)\n raw: 57fffe0000008027 ffff80001b48bc28 ffff80001b48bc28 ffff0003f88c86a8\n raw: 0000000000000000 0000000000000000 00000000ffffffff ffff0000c3e9a000\n page dumped because: VM_BUG_ON_PAGE(((unsigned int) page_ref_count(page) + 127u \u003c= 127u))\n page-\u003emem_cgroup:ffff0000c3e9a000\n ------------[ cut here ]------------\n kernel BUG at include/linux/mm.h:1212!\n Internal error: Oops - BUG: 0 [#1] SMP\n Modules linked in:\n BUG: Bad page state in process khugepaged pfn:84ef32\n xfs(E)\n page:fffffe00201bcc80 refcount:0 mapcount:0 mapping:0 index:0x0 pfn:0x84ef32\n libcrc32c(E) rfkill(E) aes_ce_blk(E) crypto_simd(E) ...\n CPU: 25 PID: 0 Comm: swapper/25 Kdump: loaded Tainted: ...\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO BTYPE=--)\n Call trace:\n end_page_writeback+0x1c0/0x214\n iomap_finish_page_writeback+0x13c/0x204\n iomap_finish_ioend+0xe8/0x19c\n iomap_writepage_end_bio+0x38/0x50\n bio_endio+0x168/0x1ec\n blk_update_request+0x278/0x3f0\n blk_mq_end_request+0x34/0x15c\n virtblk_request_done+0x38/0x74 [virtio_blk]\n blk_done_softirq+0xc4/0x110\n __do_softirq+0x128/0x38c\n __irq_exit_rcu+0x118/0x150\n irq_exit+0x1c/0x30\n __handle_domain_irq+0x8c/0xf0\n gic_handle_irq+0x84/0x108\n el1_irq+0xcc/0x180\n arch_cpu_idle+0x18/0x40\n default_idle_call+0x4c/0x1a0\n cpuidle_idle_call+0x168/0x1e0\n do_idle+0xb4/0x104\n cpu_startup_entry+0x30/0x9c\n secondary_start_kernel+0x104/0x180\n Code: d4210000 b0006161 910c8021 94013f4d (d4210000)\n ---[ end trace 4a88c6a074082f8c ]---\n Kernel panic - not syncing: Oops - BUG: Fatal exception in interrupt",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47492",
"url": "https://www.suse.com/security/cve/CVE-2021-47492"
},
{
"category": "external",
"summary": "SUSE Bug 1224898 for CVE-2021-47492",
"url": "https://bugzilla.suse.com/1224898"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47492"
},
{
"cve": "CVE-2021-47493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47493"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix race between searching chunks and release journal_head from buffer_head\n\nEncountered a race between ocfs2_test_bg_bit_allocatable() and\njbd2_journal_put_journal_head() resulting in the below vmcore.\n\n PID: 106879 TASK: ffff880244ba9c00 CPU: 2 COMMAND: \"loop3\"\n Call trace:\n panic\n oops_end\n no_context\n __bad_area_nosemaphore\n bad_area_nosemaphore\n __do_page_fault\n do_page_fault\n page_fault\n [exception RIP: ocfs2_block_group_find_clear_bits+316]\n ocfs2_block_group_find_clear_bits [ocfs2]\n ocfs2_cluster_group_search [ocfs2]\n ocfs2_search_chain [ocfs2]\n ocfs2_claim_suballoc_bits [ocfs2]\n __ocfs2_claim_clusters [ocfs2]\n ocfs2_claim_clusters [ocfs2]\n ocfs2_local_alloc_slide_window [ocfs2]\n ocfs2_reserve_local_alloc_bits [ocfs2]\n ocfs2_reserve_clusters_with_limit [ocfs2]\n ocfs2_reserve_clusters [ocfs2]\n ocfs2_lock_refcount_allocators [ocfs2]\n ocfs2_make_clusters_writable [ocfs2]\n ocfs2_replace_cow [ocfs2]\n ocfs2_refcount_cow [ocfs2]\n ocfs2_file_write_iter [ocfs2]\n lo_rw_aio\n loop_queue_work\n kthread_worker_fn\n kthread\n ret_from_fork\n\nWhen ocfs2_test_bg_bit_allocatable() called bh2jh(bg_bh), the\nbg_bh-\u003eb_private NULL as jbd2_journal_put_journal_head() raced and\nreleased the jounal head from the buffer head. Needed to take bit lock\nfor the bit \u0027BH_JournalHead\u0027 to fix this race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47493",
"url": "https://www.suse.com/security/cve/CVE-2021-47493"
},
{
"category": "external",
"summary": "SUSE Bug 1225439 for CVE-2021-47493",
"url": "https://bugzilla.suse.com/1225439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47493"
},
{
"cve": "CVE-2021-47494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47494"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncfg80211: fix management registrations locking\n\nThe management registrations locking was broken, the list was\nlocked for each wdev, but cfg80211_mgmt_registrations_update()\niterated it without holding all the correct spinlocks, causing\nlist corruption.\n\nRather than trying to fix it with fine-grained locking, just\nmove the lock to the wiphy/rdev (still need the list on each\nwdev), we already need to hold the wdev lock to change it, so\nthere\u0027s no contention on the lock in any case. This trivially\nfixes the bug since we hold one wdev\u0027s lock already, and now\nwill hold the lock that protects all lists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47494",
"url": "https://www.suse.com/security/cve/CVE-2021-47494"
},
{
"category": "external",
"summary": "SUSE Bug 1225450 for CVE-2021-47494",
"url": "https://bugzilla.suse.com/1225450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47494"
},
{
"cve": "CVE-2021-47495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: sanity check for maxpacket\n\nmaxpacket of 0 makes no sense and oopses as we need to divide\nby it. Give up.\n\nV2: fixed typo in log and stylistic issues",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47495",
"url": "https://www.suse.com/security/cve/CVE-2021-47495"
},
{
"category": "external",
"summary": "SUSE Bug 1225351 for CVE-2021-47495",
"url": "https://bugzilla.suse.com/1225351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47495"
},
{
"cve": "CVE-2021-47496",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47496"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: Fix flipped sign in tls_err_abort() calls\n\nsk-\u003esk_err appears to expect a positive value, a convention that ktls\ndoesn\u0027t always follow and that leads to memory corruption in other code.\nFor instance,\n\n [kworker]\n tls_encrypt_done(..., err=\u003cnegative error from crypto request\u003e)\n tls_err_abort(.., err)\n sk-\u003esk_err = err;\n\n [task]\n splice_from_pipe_feed\n ...\n tls_sw_do_sendpage\n if (sk-\u003esk_err) {\n ret = -sk-\u003esk_err; // ret is positive\n\n splice_from_pipe_feed (continued)\n ret = actor(...) // ret is still positive and interpreted as bytes\n // written, resulting in underflow of buf-\u003elen and\n // sd-\u003elen, leading to huge buf-\u003eoffset and bogus\n // addresses computed in later calls to actor()\n\nFix all tls_err_abort() callers to pass a negative error code\nconsistently and centralize the error-prone sign flip there, throwing in\na warning to catch future misuse and uninlining the function so it\nreally does only warn once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47496",
"url": "https://www.suse.com/security/cve/CVE-2021-47496"
},
{
"category": "external",
"summary": "SUSE Bug 1225354 for CVE-2021-47496",
"url": "https://bugzilla.suse.com/1225354"
},
{
"category": "external",
"summary": "SUSE Bug 1227656 for CVE-2021-47496",
"url": "https://bugzilla.suse.com/1227656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47496"
},
{
"cve": "CVE-2021-47497",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47497"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmem: Fix shift-out-of-bound (UBSAN) with byte size cells\n\nIf a cell has \u0027nbits\u0027 equal to a multiple of BITS_PER_BYTE the logic\n\n *p \u0026= GENMASK((cell-\u003enbits%BITS_PER_BYTE) - 1, 0);\n\nwill become undefined behavior because nbits modulo BITS_PER_BYTE is 0, and we\nsubtract one from that making a large number that is then shifted more than the\nnumber of bits that fit into an unsigned long.\n\nUBSAN reports this problem:\n\n UBSAN: shift-out-of-bounds in drivers/nvmem/core.c:1386:8\n shift exponent 64 is too large for 64-bit type \u0027unsigned long\u0027\n CPU: 6 PID: 7 Comm: kworker/u16:0 Not tainted 5.15.0-rc3+ #9\n Hardware name: Google Lazor (rev3+) with KB Backlight (DT)\n Workqueue: events_unbound deferred_probe_work_func\n Call trace:\n dump_backtrace+0x0/0x170\n show_stack+0x24/0x30\n dump_stack_lvl+0x64/0x7c\n dump_stack+0x18/0x38\n ubsan_epilogue+0x10/0x54\n __ubsan_handle_shift_out_of_bounds+0x180/0x194\n __nvmem_cell_read+0x1ec/0x21c\n nvmem_cell_read+0x58/0x94\n nvmem_cell_read_variable_common+0x4c/0xb0\n nvmem_cell_read_variable_le_u32+0x40/0x100\n a6xx_gpu_init+0x170/0x2f4\n adreno_bind+0x174/0x284\n component_bind_all+0xf0/0x264\n msm_drm_bind+0x1d8/0x7a0\n try_to_bring_up_master+0x164/0x1ac\n __component_add+0xbc/0x13c\n component_add+0x20/0x2c\n dp_display_probe+0x340/0x384\n platform_probe+0xc0/0x100\n really_probe+0x110/0x304\n __driver_probe_device+0xb8/0x120\n driver_probe_device+0x4c/0xfc\n __device_attach_driver+0xb0/0x128\n bus_for_each_drv+0x90/0xdc\n __device_attach+0xc8/0x174\n device_initial_probe+0x20/0x2c\n bus_probe_device+0x40/0xa4\n deferred_probe_work_func+0x7c/0xb8\n process_one_work+0x128/0x21c\n process_scheduled_works+0x40/0x54\n worker_thread+0x1ec/0x2a8\n kthread+0x138/0x158\n ret_from_fork+0x10/0x20\n\nFix it by making sure there are any bits to mask out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47497",
"url": "https://www.suse.com/security/cve/CVE-2021-47497"
},
{
"category": "external",
"summary": "SUSE Bug 1225355 for CVE-2021-47497",
"url": "https://bugzilla.suse.com/1225355"
},
{
"category": "external",
"summary": "SUSE Bug 1227655 for CVE-2021-47497",
"url": "https://bugzilla.suse.com/1227655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47497"
},
{
"cve": "CVE-2021-47498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47498"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm rq: don\u0027t queue request to blk-mq during DM suspend\n\nDM uses blk-mq\u0027s quiesce/unquiesce to stop/start device mapper queue.\n\nBut blk-mq\u0027s unquiesce may come from outside events, such as elevator\nswitch, updating nr_requests or others, and request may come during\nsuspend, so simply ask for blk-mq to requeue it.\n\nFixes one kernel panic issue when running updating nr_requests and\ndm-mpath suspend/resume stress test.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47498",
"url": "https://www.suse.com/security/cve/CVE-2021-47498"
},
{
"category": "external",
"summary": "SUSE Bug 1225357 for CVE-2021-47498",
"url": "https://bugzilla.suse.com/1225357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47498"
},
{
"cve": "CVE-2021-47499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: accel: kxcjk-1013: Fix possible memory leak in probe and remove\n\nWhen ACPI type is ACPI_SMO8500, the data-\u003edready_trig will not be set, the\nmemory allocated by iio_triggered_buffer_setup() will not be freed, and cause\nmemory leak as follows:\n\nunreferenced object 0xffff888009551400 (size 512):\n comm \"i2c-SMO8500-125\", pid 911, jiffies 4294911787 (age 83.852s)\n hex dump (first 32 bytes):\n 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 20 e2 e5 c0 ff ff ff ff ........ .......\n backtrace:\n [\u003c0000000041ce75ee\u003e] kmem_cache_alloc_trace+0x16d/0x360\n [\u003c000000000aeb17b0\u003e] iio_kfifo_allocate+0x41/0x130 [kfifo_buf]\n [\u003c000000004b40c1f5\u003e] iio_triggered_buffer_setup_ext+0x2c/0x210 [industrialio_triggered_buffer]\n [\u003c000000004375b15f\u003e] kxcjk1013_probe+0x10c3/0x1d81 [kxcjk_1013]\n\nFix it by remove data-\u003edready_trig condition in probe and remove.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47499",
"url": "https://www.suse.com/security/cve/CVE-2021-47499"
},
{
"category": "external",
"summary": "SUSE Bug 1225358 for CVE-2021-47499",
"url": "https://bugzilla.suse.com/1225358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47499"
},
{
"cve": "CVE-2021-47500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: mma8452: Fix trigger reference couting\n\nThe mma8452 driver directly assigns a trigger to the struct iio_dev. The\nIIO core when done using this trigger will call `iio_trigger_put()` to drop\nthe reference count by 1.\n\nWithout the matching `iio_trigger_get()` in the driver the reference count\ncan reach 0 too early, the trigger gets freed while still in use and a\nuse-after-free occurs.\n\nFix this by getting a reference to the trigger before assigning it to the\nIIO device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47500",
"url": "https://www.suse.com/security/cve/CVE-2021-47500"
},
{
"category": "external",
"summary": "SUSE Bug 1225360 for CVE-2021-47500",
"url": "https://bugzilla.suse.com/1225360"
},
{
"category": "external",
"summary": "SUSE Bug 1227698 for CVE-2021-47500",
"url": "https://bugzilla.suse.com/1227698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47500"
},
{
"cve": "CVE-2021-47501",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47501"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix NULL pointer dereference in i40e_dbg_dump_desc\n\nWhen trying to dump VFs VSI RX/TX descriptors\nusing debugfs there was a crash\ndue to NULL pointer dereference in i40e_dbg_dump_desc.\nAdded a check to i40e_dbg_dump_desc that checks if\nVSI type is correct for dumping RX/TX descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47501",
"url": "https://www.suse.com/security/cve/CVE-2021-47501"
},
{
"category": "external",
"summary": "SUSE Bug 1225361 for CVE-2021-47501",
"url": "https://bugzilla.suse.com/1225361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47501"
},
{
"cve": "CVE-2021-47502",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47502"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: codecs: wcd934x: handle channel mappping list correctly\n\nCurrently each channel is added as list to dai channel list, however\nthere is danger of adding same channel to multiple dai channel list\nwhich endups corrupting the other list where its already added.\n\nThis patch ensures that the channel is actually free before adding to\nthe dai channel list and also ensures that the channel is on the list\nbefore deleting it.\n\nThis check was missing previously, and we did not hit this issue as\nwe were testing very simple usecases with sequence of amixer commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47502",
"url": "https://www.suse.com/security/cve/CVE-2021-47502"
},
{
"category": "external",
"summary": "SUSE Bug 1225369 for CVE-2021-47502",
"url": "https://bugzilla.suse.com/1225369"
},
{
"category": "external",
"summary": "SUSE Bug 1227699 for CVE-2021-47502",
"url": "https://bugzilla.suse.com/1227699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47502"
},
{
"cve": "CVE-2021-47503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()\n\nCalling scsi_remove_host() before scsi_add_host() results in a crash:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000108\n RIP: 0010:device_del+0x63/0x440\n Call Trace:\n device_unregister+0x17/0x60\n scsi_remove_host+0xee/0x2a0\n pm8001_pci_probe+0x6ef/0x1b90 [pm80xx]\n local_pci_probe+0x3f/0x90\n\nWe cannot call scsi_remove_host() in pm8001_alloc() because scsi_add_host()\nhas not been called yet at that point in time.\n\nFunction call tree:\n\n pm8001_pci_probe()\n |\n `- pm8001_pci_alloc()\n | |\n | `- pm8001_alloc()\n | |\n | `- scsi_remove_host()\n |\n `- scsi_add_host()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47503",
"url": "https://www.suse.com/security/cve/CVE-2021-47503"
},
{
"category": "external",
"summary": "SUSE Bug 1225374 for CVE-2021-47503",
"url": "https://bugzilla.suse.com/1225374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47503"
},
{
"cve": "CVE-2021-47505",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47505"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naio: fix use-after-free due to missing POLLFREE handling\n\nsignalfd_poll() and binder_poll() are special in that they use a\nwaitqueue whose lifetime is the current task, rather than the struct\nfile as is normally the case. This is okay for blocking polls, since a\nblocking poll occurs within one task; however, non-blocking polls\nrequire another solution. This solution is for the queue to be cleared\nbefore it is freed, by sending a POLLFREE notification to all waiters.\n\nUnfortunately, only eventpoll handles POLLFREE. A second type of\nnon-blocking poll, aio poll, was added in kernel v4.18, and it doesn\u0027t\nhandle POLLFREE. This allows a use-after-free to occur if a signalfd or\nbinder fd is polled with aio poll, and the waitqueue gets freed.\n\nFix this by making aio poll handle POLLFREE.\n\nA patch by Ramji Jiyani \u003cramjiyani@google.com\u003e\n(https://lore.kernel.org/r/20211027011834.2497484-1-ramjiyani@google.com)\ntried to do this by making aio_poll_wake() always complete the request\ninline if POLLFREE is seen. However, that solution had two bugs.\nFirst, it introduced a deadlock, as it unconditionally locked the aio\ncontext while holding the waitqueue lock, which inverts the normal\nlocking order. Second, it didn\u0027t consider that POLLFREE notifications\nare missed while the request has been temporarily de-queued.\n\nThe second problem was solved by my previous patch. This patch then\nproperly fixes the use-after-free by handling POLLFREE in a\ndeadlock-free way. It does this by taking advantage of the fact that\nfreeing of the waitqueue is RCU-delayed, similar to what eventpoll does.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47505",
"url": "https://www.suse.com/security/cve/CVE-2021-47505"
},
{
"category": "external",
"summary": "SUSE Bug 1225400 for CVE-2021-47505",
"url": "https://bugzilla.suse.com/1225400"
},
{
"category": "external",
"summary": "SUSE Bug 1227652 for CVE-2021-47505",
"url": "https://bugzilla.suse.com/1227652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47505"
},
{
"cve": "CVE-2021-47506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix use-after-free due to delegation race\n\nA delegation break could arrive as soon as we\u0027ve called vfs_setlease. A\ndelegation break runs a callback which immediately (in\nnfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we\nthen exit nfs4_set_delegation without hashing the delegation, it will be\nfreed as soon as the callback is done with it, without ever being\nremoved from del_recall_lru.\n\nSymptoms show up later as use-after-free or list corruption warnings,\nusually in the laundromat thread.\n\nI suspect aba2072f4523 \"nfsd: grant read delegations to clients holding\nwrites\" made this bug easier to hit, but I looked as far back as v3.0\nand it looks to me it already had the same problem. So I\u0027m not sure\nwhere the bug was introduced; it may have been there from the beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47506",
"url": "https://www.suse.com/security/cve/CVE-2021-47506"
},
{
"category": "external",
"summary": "SUSE Bug 1225404 for CVE-2021-47506",
"url": "https://bugzilla.suse.com/1225404"
},
{
"category": "external",
"summary": "SUSE Bug 1227497 for CVE-2021-47506",
"url": "https://bugzilla.suse.com/1227497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47506"
},
{
"cve": "CVE-2021-47507",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47507"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: Fix nsfd startup race (again)\n\nCommit bd5ae9288d64 (\"nfsd: register pernet ops last, unregister first\")\nhas re-opened rpc_pipefs_event() race against nfsd_net_id registration\n(register_pernet_subsys()) which has been fixed by commit bb7ffbf29e76\n(\"nfsd: fix nsfd startup race triggering BUG_ON\").\n\nRestore the order of register_pernet_subsys() vs register_cld_notifier().\nAdd WARN_ON() to prevent a future regression.\n\nCrash info:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000012\nCPU: 8 PID: 345 Comm: mount Not tainted 5.4.144-... #1\npc : rpc_pipefs_event+0x54/0x120 [nfsd]\nlr : rpc_pipefs_event+0x48/0x120 [nfsd]\nCall trace:\n rpc_pipefs_event+0x54/0x120 [nfsd]\n blocking_notifier_call_chain\n rpc_fill_super\n get_tree_keyed\n rpc_fs_get_tree\n vfs_get_tree\n do_mount\n ksys_mount\n __arm64_sys_mount\n el0_svc_handler\n el0_svc",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47507",
"url": "https://www.suse.com/security/cve/CVE-2021-47507"
},
{
"category": "external",
"summary": "SUSE Bug 1225405 for CVE-2021-47507",
"url": "https://bugzilla.suse.com/1225405"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47507"
},
{
"cve": "CVE-2021-47509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47509"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Limit the period size to 16MB\n\nSet the practical limit to the period size (the fragment shift in OSS)\ninstead of a full 31bit; a too large value could lead to the exhaust\nof memory as we allocate temporary buffers of the period size, too.\n\nAs of this patch, we set to 16MB limit, which should cover all use\ncases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47509",
"url": "https://www.suse.com/security/cve/CVE-2021-47509"
},
{
"category": "external",
"summary": "SUSE Bug 1225409 for CVE-2021-47509",
"url": "https://bugzilla.suse.com/1225409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47509"
},
{
"cve": "CVE-2021-47510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47510"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix re-dirty process of tree-log nodes\n\nThere is a report of a transaction abort of -EAGAIN with the following\nscript.\n\n #!/bin/sh\n\n for d in sda sdb; do\n mkfs.btrfs -d single -m single -f /dev/\\${d}\n done\n\n mount /dev/sda /mnt/test\n mount /dev/sdb /mnt/scratch\n\n for dir in test scratch; do\n echo 3 \u003e/proc/sys/vm/drop_caches\n fio --directory=/mnt/\\${dir} --name=fio.\\${dir} --rw=read --size=50G --bs=64m \\\n --numjobs=$(nproc) --time_based --ramp_time=5 --runtime=480 \\\n --group_reporting |\u0026 tee /dev/shm/fio.\\${dir}\n echo 3 \u003e/proc/sys/vm/drop_caches\n done\n\n for d in sda sdb; do\n umount /dev/\\${d}\n done\n\nThe stack trace is shown in below.\n\n [3310.967991] BTRFS: error (device sda) in btrfs_commit_transaction:2341: errno=-11 unknown (Error while writing out transaction)\n [3310.968060] BTRFS info (device sda): forced readonly\n [3310.968064] BTRFS warning (device sda): Skipping commit of aborted transaction.\n [3310.968065] ------------[ cut here ]------------\n [3310.968066] BTRFS: Transaction aborted (error -11)\n [3310.968074] WARNING: CPU: 14 PID: 1684 at fs/btrfs/transaction.c:1946 btrfs_commit_transaction.cold+0x209/0x2c8\n [3310.968131] CPU: 14 PID: 1684 Comm: fio Not tainted 5.14.10-300.fc35.x86_64 #1\n [3310.968135] Hardware name: DIAWAY Tartu/Tartu, BIOS V2.01.B10 04/08/2021\n [3310.968137] RIP: 0010:btrfs_commit_transaction.cold+0x209/0x2c8\n [3310.968144] RSP: 0018:ffffb284ce393e10 EFLAGS: 00010282\n [3310.968147] RAX: 0000000000000026 RBX: ffff973f147b0f60 RCX: 0000000000000027\n [3310.968149] RDX: ffff974ecf098a08 RSI: 0000000000000001 RDI: ffff974ecf098a00\n [3310.968150] RBP: ffff973f147b0f08 R08: 0000000000000000 R09: ffffb284ce393c48\n [3310.968151] R10: ffffb284ce393c40 R11: ffffffff84f47468 R12: ffff973f101bfc00\n [3310.968153] R13: ffff971f20cf2000 R14: 00000000fffffff5 R15: ffff973f147b0e58\n [3310.968154] FS: 00007efe65468740(0000) GS:ffff974ecf080000(0000) knlGS:0000000000000000\n [3310.968157] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [3310.968158] CR2: 000055691bcbe260 CR3: 000000105cfa4001 CR4: 0000000000770ee0\n [3310.968160] PKRU: 55555554\n [3310.968161] Call Trace:\n [3310.968167] ? dput+0xd4/0x300\n [3310.968174] btrfs_sync_file+0x3f1/0x490\n [3310.968180] __x64_sys_fsync+0x33/0x60\n [3310.968185] do_syscall_64+0x3b/0x90\n [3310.968190] entry_SYSCALL_64_after_hwframe+0x44/0xae\n [3310.968194] RIP: 0033:0x7efe6557329b\n [3310.968200] RSP: 002b:00007ffe0236ebc0 EFLAGS: 00000293 ORIG_RAX: 000000000000004a\n [3310.968203] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007efe6557329b\n [3310.968204] RDX: 0000000000000000 RSI: 00007efe58d77010 RDI: 0000000000000006\n [3310.968205] RBP: 0000000004000000 R08: 0000000000000000 R09: 00007efe58d77010\n [3310.968207] R10: 0000000016cacc0c R11: 0000000000000293 R12: 00007efe5ce95980\n [3310.968208] R13: 0000000000000000 R14: 00007efe6447c790 R15: 0000000c80000000\n [3310.968212] ---[ end trace 1a346f4d3c0d96ba ]---\n [3310.968214] BTRFS: error (device sda) in cleanup_transaction:1946: errno=-11 unknown\n\nThe abort occurs because of a write hole while writing out freeing tree\nnodes of a tree-log tree. For zoned btrfs, we re-dirty a freed tree\nnode to ensure btrfs can write the region and does not leave a hole on\nwrite on a zoned device. The current code fails to re-dirty a node\nwhen the tree-log tree\u0027s depth is greater or equal to 2. That leads to\na transaction abort with -EAGAIN.\n\nFix the issue by properly re-dirtying a node on walking up the tree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47510",
"url": "https://www.suse.com/security/cve/CVE-2021-47510"
},
{
"category": "external",
"summary": "SUSE Bug 1225410 for CVE-2021-47510",
"url": "https://bugzilla.suse.com/1225410"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2021-47510"
},
{
"cve": "CVE-2021-47511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47511"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Fix negative period/buffer sizes\n\nThe period size calculation in OSS layer may receive a negative value\nas an error, but the code there assumes only the positive values and\nhandle them with size_t. Due to that, a too big value may be passed\nto the lower layers.\n\nThis patch changes the code to handle with ssize_t and adds the proper\nerror checks appropriately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47511",
"url": "https://www.suse.com/security/cve/CVE-2021-47511"
},
{
"category": "external",
"summary": "SUSE Bug 1225411 for CVE-2021-47511",
"url": "https://bugzilla.suse.com/1225411"
},
{
"category": "external",
"summary": "SUSE Bug 1227700 for CVE-2021-47511",
"url": "https://bugzilla.suse.com/1227700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47511"
},
{
"cve": "CVE-2021-47513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47513"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: felix: Fix memory leak in felix_setup_mmio_filtering\n\nAvoid a memory leak if there is not a CPU port defined.\n\nAddresses-Coverity-ID: 1492897 (\"Resource leak\")\nAddresses-Coverity-ID: 1492899 (\"Resource leak\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47513",
"url": "https://www.suse.com/security/cve/CVE-2021-47513"
},
{
"category": "external",
"summary": "SUSE Bug 1225380 for CVE-2021-47513",
"url": "https://bugzilla.suse.com/1225380"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47513"
},
{
"cve": "CVE-2021-47514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47514"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndevlink: fix netns refcount leak in devlink_nl_cmd_reload()\n\nWhile preparing my patch series adding netns refcount tracking,\nI spotted bugs in devlink_nl_cmd_reload()\n\nSome error paths forgot to release a refcount on a netns.\n\nTo fix this, we can reduce the scope of get_net()/put_net()\nsection around the call to devlink_reload().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47514",
"url": "https://www.suse.com/security/cve/CVE-2021-47514"
},
{
"category": "external",
"summary": "SUSE Bug 1225425 for CVE-2021-47514",
"url": "https://bugzilla.suse.com/1225425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2021-47514"
},
{
"cve": "CVE-2021-47516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: Fix memory leak in nfp_cpp_area_cache_add()\n\nIn line 800 (#1), nfp_cpp_area_alloc() allocates and initializes a\nCPP area structure. But in line 807 (#2), when the cache is allocated\nfailed, this CPP area structure is not freed, which will result in\nmemory leak.\n\nWe can fix it by freeing the CPP area when the cache is allocated\nfailed (#2).\n\n792 int nfp_cpp_area_cache_add(struct nfp_cpp *cpp, size_t size)\n793 {\n794 \tstruct nfp_cpp_area_cache *cache;\n795 \tstruct nfp_cpp_area *area;\n\n800\tarea = nfp_cpp_area_alloc(cpp, NFP_CPP_ID(7, NFP_CPP_ACTION_RW, 0),\n801 \t\t\t\t 0, size);\n\t// #1: allocates and initializes\n\n802 \tif (!area)\n803 \t\treturn -ENOMEM;\n\n805 \tcache = kzalloc(sizeof(*cache), GFP_KERNEL);\n806 \tif (!cache)\n807 \t\treturn -ENOMEM; // #2: missing free\n\n817\treturn 0;\n818 }",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47516",
"url": "https://www.suse.com/security/cve/CVE-2021-47516"
},
{
"category": "external",
"summary": "SUSE Bug 1225427 for CVE-2021-47516",
"url": "https://bugzilla.suse.com/1225427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47516"
},
{
"cve": "CVE-2021-47518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47518"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done\n\nThe done() netlink callback nfc_genl_dump_ses_done() should check if\nreceived argument is non-NULL, because its allocation could fail earlier\nin dumpit() (nfc_genl_dump_ses()).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47518",
"url": "https://www.suse.com/security/cve/CVE-2021-47518"
},
{
"category": "external",
"summary": "SUSE Bug 1225372 for CVE-2021-47518",
"url": "https://bugzilla.suse.com/1225372"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47518"
},
{
"cve": "CVE-2021-47520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47520"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: pch_can: pch_can_rx_normal: fix use after free\n\nAfter calling netif_receive_skb(skb), dereferencing skb is unsafe.\nEspecially, the can_frame cf which aliases skb memory is dereferenced\njust after the call netif_receive_skb(skb).\n\nReordering the lines solves the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47520",
"url": "https://www.suse.com/security/cve/CVE-2021-47520"
},
{
"category": "external",
"summary": "SUSE Bug 1225431 for CVE-2021-47520",
"url": "https://bugzilla.suse.com/1225431"
},
{
"category": "external",
"summary": "SUSE Bug 1227905 for CVE-2021-47520",
"url": "https://bugzilla.suse.com/1227905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47520"
},
{
"cve": "CVE-2021-47521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47521"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: sja1000: fix use after free in ems_pcmcia_add_card()\n\nIf the last channel is not available then \"dev\" is freed. Fortunately,\nwe can just use \"pdev-\u003eirq\" instead.\n\nAlso we should check if at least one channel was set up.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47521",
"url": "https://www.suse.com/security/cve/CVE-2021-47521"
},
{
"category": "external",
"summary": "SUSE Bug 1225435 for CVE-2021-47521",
"url": "https://bugzilla.suse.com/1225435"
},
{
"category": "external",
"summary": "SUSE Bug 1227696 for CVE-2021-47521",
"url": "https://bugzilla.suse.com/1227696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47521"
},
{
"cve": "CVE-2021-47522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47522"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: bigbenff: prevent null pointer dereference\n\nWhen emulating the device through uhid, there is a chance we don\u0027t have\noutput reports and so report_field is null.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47522",
"url": "https://www.suse.com/security/cve/CVE-2021-47522"
},
{
"category": "external",
"summary": "SUSE Bug 1225437 for CVE-2021-47522",
"url": "https://bugzilla.suse.com/1225437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47522"
},
{
"cve": "CVE-2021-47523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47523"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr\n\nThis buffer is currently allocated in hfi1_init():\n\n\tif (reinit)\n\t\tret = init_after_reset(dd);\n\telse\n\t\tret = loadtime_init(dd);\n\tif (ret)\n\t\tgoto done;\n\n\t/* allocate dummy tail memory for all receive contexts */\n\tdd-\u003ercvhdrtail_dummy_kvaddr = dma_alloc_coherent(\u0026dd-\u003epcidev-\u003edev,\n\t\t\t\t\t\t\t sizeof(u64),\n\t\t\t\t\t\t\t \u0026dd-\u003ercvhdrtail_dummy_dma,\n\t\t\t\t\t\t\t GFP_KERNEL);\n\n\tif (!dd-\u003ercvhdrtail_dummy_kvaddr) {\n\t\tdd_dev_err(dd, \"cannot allocate dummy tail memory\\n\");\n\t\tret = -ENOMEM;\n\t\tgoto done;\n\t}\n\nThe reinit triggered path will overwrite the old allocation and leak it.\n\nFix by moving the allocation to hfi1_alloc_devdata() and the deallocation\nto hfi1_free_devdata().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47523",
"url": "https://www.suse.com/security/cve/CVE-2021-47523"
},
{
"category": "external",
"summary": "SUSE Bug 1225438 for CVE-2021-47523",
"url": "https://bugzilla.suse.com/1225438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47523"
},
{
"cve": "CVE-2021-47524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: liteuart: fix minor-number leak on probe errors\n\nMake sure to release the allocated minor number before returning on\nprobe errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47524",
"url": "https://www.suse.com/security/cve/CVE-2021-47524"
},
{
"category": "external",
"summary": "SUSE Bug 1225377 for CVE-2021-47524",
"url": "https://bugzilla.suse.com/1225377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47524"
},
{
"cve": "CVE-2021-47525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47525"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: liteuart: fix use-after-free and memleak on unbind\n\nDeregister the port when unbinding the driver to prevent it from being\nused after releasing the driver data and leaking memory allocated by\nserial core.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47525",
"url": "https://www.suse.com/security/cve/CVE-2021-47525"
},
{
"category": "external",
"summary": "SUSE Bug 1225441 for CVE-2021-47525",
"url": "https://bugzilla.suse.com/1225441"
},
{
"category": "external",
"summary": "SUSE Bug 1227697 for CVE-2021-47525",
"url": "https://bugzilla.suse.com/1227697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47525"
},
{
"cve": "CVE-2021-47526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47526"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: liteuart: Fix NULL pointer dereference in -\u003eremove()\n\ndrvdata has to be set in _probe() - otherwise platform_get_drvdata()\ncauses null pointer dereference BUG in _remove().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47526",
"url": "https://www.suse.com/security/cve/CVE-2021-47526"
},
{
"category": "external",
"summary": "SUSE Bug 1225376 for CVE-2021-47526",
"url": "https://bugzilla.suse.com/1225376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47526"
},
{
"cve": "CVE-2021-47528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init()\n\nIn cdnsp_endpoint_init(), cdnsp_ring_alloc() is assigned to pep-\u003ering\nand there is a dereference of it in cdnsp_endpoint_init(), which could\nlead to a NULL pointer dereference on failure of cdnsp_ring_alloc().\n\nFix this bug by adding a check of pep-\u003ering.\n\nThis bug was found by a static analyzer. The analysis employs\ndifferential checking to identify inconsistent security operations\n(e.g., checks or kfrees) between two code paths and confirms that the\ninconsistent operations are not recovered in the current function or\nthe callers, so they constitute bugs.\n\nNote that, as a bug found by static analysis, it can be a false\npositive or hard to trigger. Multiple researchers have cross-reviewed\nthe bug.\n\nBuilds with CONFIG_USB_CDNSP_GADGET=y show no new warnings,\nand our static analyzer no longer warns about this code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47528",
"url": "https://www.suse.com/security/cve/CVE-2021-47528"
},
{
"category": "external",
"summary": "SUSE Bug 1225368 for CVE-2021-47528",
"url": "https://bugzilla.suse.com/1225368"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47528"
},
{
"cve": "CVE-2021-47529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: Fix memory leaks in error handling path\n\nShould an error occur (invalid TLV len or memory allocation failure), the\nmemory already allocated in \u0027reduce_power_data\u0027 should be freed before\nreturning, otherwise it is leaking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47529",
"url": "https://www.suse.com/security/cve/CVE-2021-47529"
},
{
"category": "external",
"summary": "SUSE Bug 1225373 for CVE-2021-47529",
"url": "https://bugzilla.suse.com/1225373"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47529"
},
{
"cve": "CVE-2021-47533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47533"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: kms: Clear the HVS FIFO commit pointer once done\n\nCommit 9ec03d7f1ed3 (\"drm/vc4: kms: Wait on previous FIFO users before a\ncommit\") introduced a wait on the previous commit done on a given HVS\nFIFO.\n\nHowever, we never cleared that pointer once done. Since\ndrm_crtc_commit_put can free the drm_crtc_commit structure directly if\nwe were the last user, this means that it can lead to a use-after free\nif we were to duplicate the state, and that stale pointer would even be\ncopied to the new state.\n\nSet the pointer to NULL once we\u0027re done with the wait so that we don\u0027t\ncarry over a pointer to a free\u0027d structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47533",
"url": "https://www.suse.com/security/cve/CVE-2021-47533"
},
{
"category": "external",
"summary": "SUSE Bug 1225445 for CVE-2021-47533",
"url": "https://bugzilla.suse.com/1225445"
},
{
"category": "external",
"summary": "SUSE Bug 1227498 for CVE-2021-47533",
"url": "https://bugzilla.suse.com/1227498"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47533"
},
{
"cve": "CVE-2021-47534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47534"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: kms: Add missing drm_crtc_commit_put\n\nCommit 9ec03d7f1ed3 (\"drm/vc4: kms: Wait on previous FIFO users before a\ncommit\") introduced a global state for the HVS, with each FIFO storing\nthe current CRTC commit so that we can properly synchronize commits.\n\nHowever, the refcounting was off and we thus ended up leaking the\ndrm_crtc_commit structure every commit. Add a drm_crtc_commit_put to\nprevent the leakage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47534",
"url": "https://www.suse.com/security/cve/CVE-2021-47534"
},
{
"category": "external",
"summary": "SUSE Bug 1230903 for CVE-2021-47534",
"url": "https://bugzilla.suse.com/1230903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47534"
},
{
"cve": "CVE-2021-47535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/a6xx: Allocate enough space for GMU registers\n\nIn commit 142639a52a01 (\"drm/msm/a6xx: fix crashstate capture for\nA650\") we changed a6xx_get_gmu_registers() to read 3 sets of\nregisters. Unfortunately, we didn\u0027t change the memory allocation for\nthe array. That leads to a KASAN warning (this was on the chromeos-5.4\nkernel, which has the problematic commit backported to it):\n\n BUG: KASAN: slab-out-of-bounds in _a6xx_get_gmu_registers+0x144/0x430\n Write of size 8 at addr ffffff80c89432b0 by task A618-worker/209\n CPU: 5 PID: 209 Comm: A618-worker Tainted: G W 5.4.156-lockdep #22\n Hardware name: Google Lazor Limozeen without Touchscreen (rev5 - rev8) (DT)\n Call trace:\n dump_backtrace+0x0/0x248\n show_stack+0x20/0x2c\n dump_stack+0x128/0x1ec\n print_address_description+0x88/0x4a0\n __kasan_report+0xfc/0x120\n kasan_report+0x10/0x18\n __asan_report_store8_noabort+0x1c/0x24\n _a6xx_get_gmu_registers+0x144/0x430\n a6xx_gpu_state_get+0x330/0x25d4\n msm_gpu_crashstate_capture+0xa0/0x84c\n recover_worker+0x328/0x838\n kthread_worker_fn+0x32c/0x574\n kthread+0x2dc/0x39c\n ret_from_fork+0x10/0x18\n\n Allocated by task 209:\n __kasan_kmalloc+0xfc/0x1c4\n kasan_kmalloc+0xc/0x14\n kmem_cache_alloc_trace+0x1f0/0x2a0\n a6xx_gpu_state_get+0x164/0x25d4\n msm_gpu_crashstate_capture+0xa0/0x84c\n recover_worker+0x328/0x838\n kthread_worker_fn+0x32c/0x574\n kthread+0x2dc/0x39c\n ret_from_fork+0x10/0x18",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47535",
"url": "https://www.suse.com/security/cve/CVE-2021-47535"
},
{
"category": "external",
"summary": "SUSE Bug 1225446 for CVE-2021-47535",
"url": "https://bugzilla.suse.com/1225446"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47535"
},
{
"cve": "CVE-2021-47536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47536"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix wrong list_del in smc_lgr_cleanup_early\n\nsmc_lgr_cleanup_early() meant to delete the link\ngroup from the link group list, but it deleted\nthe list head by mistake.\n\nThis may cause memory corruption since we didn\u0027t\nremove the real link group from the list and later\nmemseted the link group structure.\nWe got a list corruption panic when testing:\n\n[ 231.277259] list_del corruption. prev-\u003enext should be ffff8881398a8000, but was 0000000000000000\n[ 231.278222] ------------[ cut here ]------------\n[ 231.278726] kernel BUG at lib/list_debug.c:53!\n[ 231.279326] invalid opcode: 0000 [#1] SMP NOPTI\n[ 231.279803] CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.10.46+ #435\n[ 231.280466] Hardware name: Alibaba Cloud ECS, BIOS 8c24b4c 04/01/2014\n[ 231.281248] Workqueue: events smc_link_down_work\n[ 231.281732] RIP: 0010:__list_del_entry_valid+0x70/0x90\n[ 231.282258] Code: 4c 60 82 e8 7d cc 6a 00 0f 0b 48 89 fe 48 c7 c7 88 4c\n60 82 e8 6c cc 6a 00 0f 0b 48 89 fe 48 c7 c7 c0 4c 60 82 e8 5b cc 6a 00 \u003c0f\u003e\n0b 48 89 fe 48 c7 c7 00 4d 60 82 e8 4a cc 6a 00 0f 0b cc cc cc\n[ 231.284146] RSP: 0018:ffffc90000033d58 EFLAGS: 00010292\n[ 231.284685] RAX: 0000000000000054 RBX: ffff8881398a8000 RCX: 0000000000000000\n[ 231.285415] RDX: 0000000000000001 RSI: ffff88813bc18040 RDI: ffff88813bc18040\n[ 231.286141] RBP: ffffffff8305ad40 R08: 0000000000000003 R09: 0000000000000001\n[ 231.286873] R10: ffffffff82803da0 R11: ffffc90000033b90 R12: 0000000000000001\n[ 231.287606] R13: 0000000000000000 R14: ffff8881398a8000 R15: 0000000000000003\n[ 231.288337] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000\n[ 231.289160] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 231.289754] CR2: 0000000000e72058 CR3: 000000010fa96006 CR4: 00000000003706f0\n[ 231.290485] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 231.291211] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 231.291940] Call Trace:\n[ 231.292211] smc_lgr_terminate_sched+0x53/0xa0\n[ 231.292677] smc_switch_conns+0x75/0x6b0\n[ 231.293085] ? update_load_avg+0x1a6/0x590\n[ 231.293517] ? ttwu_do_wakeup+0x17/0x150\n[ 231.293907] ? update_load_avg+0x1a6/0x590\n[ 231.294317] ? newidle_balance+0xca/0x3d0\n[ 231.294716] smcr_link_down+0x50/0x1a0\n[ 231.295090] ? __wake_up_common_lock+0x77/0x90\n[ 231.295534] smc_link_down_work+0x46/0x60\n[ 231.295933] process_one_work+0x18b/0x350",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47536",
"url": "https://www.suse.com/security/cve/CVE-2021-47536"
},
{
"category": "external",
"summary": "SUSE Bug 1225447 for CVE-2021-47536",
"url": "https://bugzilla.suse.com/1225447"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47536"
},
{
"cve": "CVE-2021-47537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Fix a memleak bug in rvu_mbox_init()\n\nIn rvu_mbox_init(), mbox_regions is not freed or passed out\nunder the switch-default region, which could lead to a memory leak.\n\nFix this bug by changing \u0027return err\u0027 to \u0027goto free_regions\u0027.\n\nThis bug was found by a static analyzer. The analysis employs\ndifferential checking to identify inconsistent security operations\n(e.g., checks or kfrees) between two code paths and confirms that the\ninconsistent operations are not recovered in the current function or\nthe callers, so they constitute bugs.\n\nNote that, as a bug found by static analysis, it can be a false\npositive or hard to trigger. Multiple researchers have cross-reviewed\nthe bug.\n\nBuilds with CONFIG_OCTEONTX2_AF=y show no new warnings,\nand our static analyzer no longer warns about this code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47537",
"url": "https://www.suse.com/security/cve/CVE-2021-47537"
},
{
"category": "external",
"summary": "SUSE Bug 1225375 for CVE-2021-47537",
"url": "https://bugzilla.suse.com/1225375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47537"
},
{
"cve": "CVE-2021-47540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode\n\nFix the following NULL pointer dereference in mt7915_get_phy_mode\nroutine adding an ibss interface to the mt7915 driver.\n\n[ 101.137097] wlan0: Trigger new scan to find an IBSS to join\n[ 102.827039] wlan0: Creating new IBSS network, BSSID 26:a4:50:1a:6e:69\n[ 103.064756] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n[ 103.073670] Mem abort info:\n[ 103.076520] ESR = 0x96000005\n[ 103.079614] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 103.084934] SET = 0, FnV = 0\n[ 103.088042] EA = 0, S1PTW = 0\n[ 103.091215] Data abort info:\n[ 103.094104] ISV = 0, ISS = 0x00000005\n[ 103.098041] CM = 0, WnR = 0\n[ 103.101044] user pgtable: 4k pages, 39-bit VAs, pgdp=00000000460b1000\n[ 103.107565] [0000000000000000] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n[ 103.116590] Internal error: Oops: 96000005 [#1] SMP\n[ 103.189066] CPU: 1 PID: 333 Comm: kworker/u4:3 Not tainted 5.10.75 #0\n[ 103.195498] Hardware name: MediaTek MT7622 RFB1 board (DT)\n[ 103.201124] Workqueue: phy0 ieee80211_iface_work [mac80211]\n[ 103.206695] pstate: 20000005 (nzCv daif -PAN -UAO -TCO BTYPE=--)\n[ 103.212705] pc : mt7915_get_phy_mode+0x68/0x120 [mt7915e]\n[ 103.218103] lr : mt7915_mcu_add_bss_info+0x11c/0x760 [mt7915e]\n[ 103.223927] sp : ffffffc011cdb9e0\n[ 103.227235] x29: ffffffc011cdb9e0 x28: ffffff8006563098\n[ 103.232545] x27: ffffff8005f4da22 x26: ffffff800685ac40\n[ 103.237855] x25: 0000000000000001 x24: 000000000000011f\n[ 103.243165] x23: ffffff8005f4e260 x22: ffffff8006567918\n[ 103.248475] x21: ffffff8005f4df80 x20: ffffff800685ac58\n[ 103.253785] x19: ffffff8006744400 x18: 0000000000000000\n[ 103.259094] x17: 0000000000000000 x16: 0000000000000001\n[ 103.264403] x15: 000899c3a2d9d2e4 x14: 000899bdc3c3a1c8\n[ 103.269713] x13: 0000000000000000 x12: 0000000000000000\n[ 103.275024] x11: ffffffc010e30c20 x10: 0000000000000000\n[ 103.280333] x9 : 0000000000000050 x8 : ffffff8006567d88\n[ 103.285642] x7 : ffffff8006563b5c x6 : ffffff8006563b44\n[ 103.290952] x5 : 0000000000000002 x4 : 0000000000000001\n[ 103.296262] x3 : 0000000000000001 x2 : 0000000000000001\n[ 103.301572] x1 : 0000000000000000 x0 : 0000000000000011\n[ 103.306882] Call trace:\n[ 103.309328] mt7915_get_phy_mode+0x68/0x120 [mt7915e]\n[ 103.314378] mt7915_bss_info_changed+0x198/0x200 [mt7915e]\n[ 103.319941] ieee80211_bss_info_change_notify+0x128/0x290 [mac80211]\n[ 103.326360] __ieee80211_sta_join_ibss+0x308/0x6c4 [mac80211]\n[ 103.332171] ieee80211_sta_create_ibss+0x8c/0x10c [mac80211]\n[ 103.337895] ieee80211_ibss_work+0x3dc/0x614 [mac80211]\n[ 103.343185] ieee80211_iface_work+0x388/0x3f0 [mac80211]\n[ 103.348495] process_one_work+0x288/0x690\n[ 103.352499] worker_thread+0x70/0x464\n[ 103.356157] kthread+0x144/0x150\n[ 103.359380] ret_from_fork+0x10/0x18\n[ 103.362952] Code: 394008c3 52800220 394000e4 7100007f (39400023)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47540",
"url": "https://www.suse.com/security/cve/CVE-2021-47540"
},
{
"category": "external",
"summary": "SUSE Bug 1225386 for CVE-2021-47540",
"url": "https://bugzilla.suse.com/1225386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47540"
},
{
"cve": "CVE-2021-47541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()\n\nIn mlx4_en_try_alloc_resources(), mlx4_en_copy_priv() is called and\ntmp-\u003etx_cq will be freed on the error path of mlx4_en_copy_priv().\nAfter that mlx4_en_alloc_resources() is called and there is a dereference\nof \u0026tmp-\u003etx_cq[t][i] in mlx4_en_alloc_resources(), which could lead to\na use after free problem on failure of mlx4_en_copy_priv().\n\nFix this bug by adding a check of mlx4_en_copy_priv()\n\nThis bug was found by a static analyzer. The analysis employs\ndifferential checking to identify inconsistent security operations\n(e.g., checks or kfrees) between two code paths and confirms that the\ninconsistent operations are not recovered in the current function or\nthe callers, so they constitute bugs.\n\nNote that, as a bug found by static analysis, it can be a false\npositive or hard to trigger. Multiple researchers have cross-reviewed\nthe bug.\n\nBuilds with CONFIG_MLX4_EN=m show no new warnings,\nand our static analyzer no longer warns about this code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47541",
"url": "https://www.suse.com/security/cve/CVE-2021-47541"
},
{
"category": "external",
"summary": "SUSE Bug 1225453 for CVE-2021-47541",
"url": "https://bugzilla.suse.com/1225453"
},
{
"category": "external",
"summary": "SUSE Bug 1225454 for CVE-2021-47541",
"url": "https://bugzilla.suse.com/1225454"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47541"
},
{
"cve": "CVE-2021-47542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47542"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings()\n\nIn qlcnic_83xx_add_rings(), the indirect function of\nahw-\u003ehw_ops-\u003ealloc_mbx_args will be called to allocate memory for\ncmd.req.arg, and there is a dereference of it in qlcnic_83xx_add_rings(),\nwhich could lead to a NULL pointer dereference on failure of the\nindirect function like qlcnic_83xx_alloc_mbx_args().\n\nFix this bug by adding a check of alloc_mbx_args(), this patch\nimitates the logic of mbx_cmd()\u0027s failure handling.\n\nThis bug was found by a static analyzer. The analysis employs\ndifferential checking to identify inconsistent security operations\n(e.g., checks or kfrees) between two code paths and confirms that the\ninconsistent operations are not recovered in the current function or\nthe callers, so they constitute bugs.\n\nNote that, as a bug found by static analysis, it can be a false\npositive or hard to trigger. Multiple researchers have cross-reviewed\nthe bug.\n\nBuilds with CONFIG_QLCNIC=m show no new warnings, and our\nstatic analyzer no longer warns about this code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47542",
"url": "https://www.suse.com/security/cve/CVE-2021-47542"
},
{
"category": "external",
"summary": "SUSE Bug 1225455 for CVE-2021-47542",
"url": "https://bugzilla.suse.com/1225455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47542"
},
{
"cve": "CVE-2021-47544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47544"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix page frag corruption on page fault\n\nSteffen reported a TCP stream corruption for HTTP requests\nserved by the apache web-server using a cifs mount-point\nand memory mapping the relevant file.\n\nThe root cause is quite similar to the one addressed by\ncommit 20eb4f29b602 (\"net: fix sk_page_frag() recursion from\nmemory reclaim\"). Here the nested access to the task page frag\nis caused by a page fault on the (mmapped) user-space memory\nbuffer coming from the cifs file.\n\nThe page fault handler performs an smb transaction on a different\nsocket, inside the same process context. Since sk-\u003esk_allaction\nfor such socket does not prevent the usage for the task_frag,\nthe nested allocation modify \"under the hood\" the page frag\nin use by the outer sendmsg call, corrupting the stream.\n\nThe overall relevant stack trace looks like the following:\n\nhttpd 78268 [001] 3461630.850950: probe:tcp_sendmsg_locked:\n ffffffff91461d91 tcp_sendmsg_locked+0x1\n ffffffff91462b57 tcp_sendmsg+0x27\n ffffffff9139814e sock_sendmsg+0x3e\n ffffffffc06dfe1d smb_send_kvec+0x28\n [...]\n ffffffffc06cfaf8 cifs_readpages+0x213\n ffffffff90e83c4b read_pages+0x6b\n ffffffff90e83f31 __do_page_cache_readahead+0x1c1\n ffffffff90e79e98 filemap_fault+0x788\n ffffffff90eb0458 __do_fault+0x38\n ffffffff90eb5280 do_fault+0x1a0\n ffffffff90eb7c84 __handle_mm_fault+0x4d4\n ffffffff90eb8093 handle_mm_fault+0xc3\n ffffffff90c74f6d __do_page_fault+0x1ed\n ffffffff90c75277 do_page_fault+0x37\n ffffffff9160111e page_fault+0x1e\n ffffffff9109e7b5 copyin+0x25\n ffffffff9109eb40 _copy_from_iter_full+0xe0\n ffffffff91462370 tcp_sendmsg_locked+0x5e0\n ffffffff91462370 tcp_sendmsg_locked+0x5e0\n ffffffff91462b57 tcp_sendmsg+0x27\n ffffffff9139815c sock_sendmsg+0x4c\n ffffffff913981f7 sock_write_iter+0x97\n ffffffff90f2cc56 do_iter_readv_writev+0x156\n ffffffff90f2dff0 do_iter_write+0x80\n ffffffff90f2e1c3 vfs_writev+0xa3\n ffffffff90f2e27c do_writev+0x5c\n ffffffff90c042bb do_syscall_64+0x5b\n ffffffff916000ad entry_SYSCALL_64_after_hwframe+0x65\n\nThe cifs filesystem rightfully sets sk_allocations to GFP_NOFS,\nwe can avoid the nesting using the sk page frag for allocation\nlacking the __GFP_FS flag. Do not define an additional mm-helper\nfor that, as this is strictly tied to the sk page frag usage.\n\nv1 -\u003e v2:\n - use a stricted sk_page_frag() check instead of reordering the\n code (Eric)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47544",
"url": "https://www.suse.com/security/cve/CVE-2021-47544"
},
{
"category": "external",
"summary": "SUSE Bug 1225463 for CVE-2021-47544",
"url": "https://bugzilla.suse.com/1225463"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47544"
},
{
"cve": "CVE-2021-47549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47549"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl\n\nWhen the `rmmod sata_fsl.ko` command is executed in the PPC64 GNU/Linux,\na bug is reported:\n ==================================================================\n BUG: Unable to handle kernel data access on read at 0x80000800805b502c\n Oops: Kernel access of bad area, sig: 11 [#1]\n NIP [c0000000000388a4] .ioread32+0x4/0x20\n LR [80000000000c6034] .sata_fsl_port_stop+0x44/0xe0 [sata_fsl]\n Call Trace:\n .free_irq+0x1c/0x4e0 (unreliable)\n .ata_host_stop+0x74/0xd0 [libata]\n .release_nodes+0x330/0x3f0\n .device_release_driver_internal+0x178/0x2c0\n .driver_detach+0x64/0xd0\n .bus_remove_driver+0x70/0xf0\n .driver_unregister+0x38/0x80\n .platform_driver_unregister+0x14/0x30\n .fsl_sata_driver_exit+0x18/0xa20 [sata_fsl]\n .__se_sys_delete_module+0x1ec/0x2d0\n .system_call_exception+0xfc/0x1f0\n system_call_common+0xf8/0x200\n ==================================================================\n\nThe triggering of the BUG is shown in the following stack:\n\ndriver_detach\n device_release_driver_internal\n __device_release_driver\n drv-\u003eremove(dev) --\u003e platform_drv_remove/platform_remove\n drv-\u003eremove(dev) --\u003e sata_fsl_remove\n iounmap(host_priv-\u003ehcr_base);\t\t\t\u003c---- unmap\n kfree(host_priv); \u003c---- free\n devres_release_all\n release_nodes\n dr-\u003enode.release(dev, dr-\u003edata) --\u003e ata_host_stop\n ap-\u003eops-\u003eport_stop(ap) --\u003e sata_fsl_port_stop\n ioread32(hcr_base + HCONTROL) \u003c---- UAF\n host-\u003eops-\u003ehost_stop(host)\n\nThe iounmap(host_priv-\u003ehcr_base) and kfree(host_priv) functions should\nnot be executed in drv-\u003eremove. These functions should be executed in\nhost_stop after port_stop. Therefore, we move these functions to the\nnew function sata_fsl_host_stop and bind the new function to host_stop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47549",
"url": "https://www.suse.com/security/cve/CVE-2021-47549"
},
{
"category": "external",
"summary": "SUSE Bug 1225508 for CVE-2021-47549",
"url": "https://bugzilla.suse.com/1225508"
},
{
"category": "external",
"summary": "SUSE Bug 1227654 for CVE-2021-47549",
"url": "https://bugzilla.suse.com/1227654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47549"
},
{
"cve": "CVE-2021-47550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47550"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/amdgpu: fix potential memleak\n\nIn function amdgpu_get_xgmi_hive, when kobject_init_and_add failed\nThere is a potential memleak if not call kobject_put.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47550",
"url": "https://www.suse.com/security/cve/CVE-2021-47550"
},
{
"category": "external",
"summary": "SUSE Bug 1225379 for CVE-2021-47550",
"url": "https://bugzilla.suse.com/1225379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47550"
},
{
"cve": "CVE-2021-47551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47551"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again\n\nIn SRIOV configuration, the reset may failed to bring asic back to normal but stop cpsch\nalready been called, the start_cpsch will not be called since there is no resume in this\ncase. When reset been triggered again, driver should avoid to do uninitialization again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47551",
"url": "https://www.suse.com/security/cve/CVE-2021-47551"
},
{
"category": "external",
"summary": "SUSE Bug 1225510 for CVE-2021-47551",
"url": "https://bugzilla.suse.com/1225510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47551"
},
{
"cve": "CVE-2021-47553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/scs: Reset task stack state in bringup_cpu()\n\nTo hot unplug a CPU, the idle task on that CPU calls a few layers of C\ncode before finally leaving the kernel. When KASAN is in use, poisoned\nshadow is left around for each of the active stack frames, and when\nshadow call stacks are in use. When shadow call stacks (SCS) are in use\nthe task\u0027s saved SCS SP is left pointing at an arbitrary point within\nthe task\u0027s shadow call stack.\n\nWhen a CPU is offlined than onlined back into the kernel, this stale\nstate can adversely affect execution. Stale KASAN shadow can alias new\nstackframes and result in bogus KASAN warnings. A stale SCS SP is\neffectively a memory leak, and prevents a portion of the shadow call\nstack being used. Across a number of hotplug cycles the idle task\u0027s\nentire shadow call stack can become unusable.\n\nWe previously fixed the KASAN issue in commit:\n\n e1b77c92981a5222 (\"sched/kasan: remove stale KASAN poison after hotplug\")\n\n... by removing any stale KASAN stack poison immediately prior to\nonlining a CPU.\n\nSubsequently in commit:\n\n f1a0a376ca0c4ef1 (\"sched/core: Initialize the idle task with preemption disabled\")\n\n... the refactoring left the KASAN and SCS cleanup in one-time idle\nthread initialization code rather than something invoked prior to each\nCPU being onlined, breaking both as above.\n\nWe fixed SCS (but not KASAN) in commit:\n\n 63acd42c0d4942f7 (\"sched/scs: Reset the shadow stack when idle_task_exit\")\n\n... but as this runs in the context of the idle task being offlined it\u0027s\npotentially fragile.\n\nTo fix these consistently and more robustly, reset the SCS SP and KASAN\nshadow of a CPU\u0027s idle task immediately before we online that CPU in\nbringup_cpu(). This ensures the idle task always has a consistent state\nwhen it is running, and removes the need to so so when exiting an idle\ntask.\n\nWhenever any thread is created, dup_task_struct() will give the task a\nstack which is free of KASAN shadow, and initialize the task\u0027s SCS SP,\nso there\u0027s no need to specially initialize either for idle thread within\ninit_idle(), as this was only necessary to handle hotplug cycles.\n\nI\u0027ve tested this on arm64 with:\n\n* gcc 11.1.0, defconfig +KASAN_INLINE, KASAN_STACK\n* clang 12.0.0, defconfig +KASAN_INLINE, KASAN_STACK, SHADOW_CALL_STACK\n\n... offlining and onlining CPUS with:\n\n| while true; do\n| for C in /sys/devices/system/cpu/cpu*/online; do\n| echo 0 \u003e $C;\n| echo 1 \u003e $C;\n| done\n| done",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47553",
"url": "https://www.suse.com/security/cve/CVE-2021-47553"
},
{
"category": "external",
"summary": "SUSE Bug 1225464 for CVE-2021-47553",
"url": "https://bugzilla.suse.com/1225464"
},
{
"category": "external",
"summary": "SUSE Bug 1227558 for CVE-2021-47553",
"url": "https://bugzilla.suse.com/1227558"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47553"
},
{
"cve": "CVE-2021-47554",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47554"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa_sim: avoid putting an uninitialized iova_domain\n\nThe system will crash if we put an uninitialized iova_domain, this\ncould happen when an error occurs before initializing the iova_domain\nin vdpasim_create().\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n...\nRIP: 0010:__cpuhp_state_remove_instance+0x96/0x1c0\n...\nCall Trace:\n \u003cTASK\u003e\n put_iova_domain+0x29/0x220\n vdpasim_free+0xd1/0x120 [vdpa_sim]\n vdpa_release_dev+0x21/0x40 [vdpa]\n device_release+0x33/0x90\n kobject_release+0x63/0x160\n vdpasim_create+0x127/0x2a0 [vdpa_sim]\n vdpasim_net_dev_add+0x7d/0xfe [vdpa_sim_net]\n vdpa_nl_cmd_dev_add_set_doit+0xe1/0x1a0 [vdpa]\n genl_family_rcv_msg_doit+0x112/0x140\n genl_rcv_msg+0xdf/0x1d0\n ...\n\nSo we must make sure the iova_domain is already initialized before\nput it.\n\nIn addition, we may get the following warning in this case:\nWARNING: ... drivers/iommu/iova.c:344 iova_cache_put+0x58/0x70\n\nSo we must make sure the iova_cache_put() is invoked only if the\niova_cache_get() is already invoked. Let\u0027s fix it together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47554",
"url": "https://www.suse.com/security/cve/CVE-2021-47554"
},
{
"category": "external",
"summary": "SUSE Bug 1225466 for CVE-2021-47554",
"url": "https://bugzilla.suse.com/1225466"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47554"
},
{
"cve": "CVE-2021-47556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47556"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()\n\nethtool_set_coalesce() now uses both the .get_coalesce() and\n.set_coalesce() callbacks. But the check for their availability is\nbuggy, so changing the coalesce settings on a device where the driver\nprovides only _one_ of the callbacks results in a NULL pointer\ndereference instead of an -EOPNOTSUPP.\n\nFix the condition so that the availability of both callbacks is\nensured. This also matches the netlink code.\n\nNote that reproducing this requires some effort - it only affects the\nlegacy ioctl path, and needs a specific combination of driver options:\n- have .get_coalesce() and .coalesce_supported but no\n .set_coalesce(), or\n- have .set_coalesce() but no .get_coalesce(). Here eg. ethtool doesn\u0027t\n cause the crash as it first attempts to call ethtool_get_coalesce()\n and bails out on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47556",
"url": "https://www.suse.com/security/cve/CVE-2021-47556"
},
{
"category": "external",
"summary": "SUSE Bug 1225383 for CVE-2021-47556",
"url": "https://bugzilla.suse.com/1225383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47556"
},
{
"cve": "CVE-2021-47558",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47558"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: Disable Tx queues when reconfiguring the interface\n\nThe Tx queues were not disabled in situations where the driver needed to\nstop the interface to apply a new configuration. This could result in a\nkernel panic when doing any of the 3 following actions:\n* reconfiguring the number of queues (ethtool -L)\n* reconfiguring the size of the ring buffers (ethtool -G)\n* installing/removing an XDP program (ip l set dev ethX xdp)\n\nPrevent the panic by making sure netif_tx_disable is called when stopping\nan interface.\n\nWithout this patch, the following kernel panic can be observed when doing\nany of the actions above:\n\nUnable to handle kernel paging request at virtual address ffff80001238d040\n[....]\n Call trace:\n dwmac4_set_addr+0x8/0x10\n dev_hard_start_xmit+0xe4/0x1ac\n sch_direct_xmit+0xe8/0x39c\n __dev_queue_xmit+0x3ec/0xaf0\n dev_queue_xmit+0x14/0x20\n[...]\n[ end trace 0000000000000002 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47558",
"url": "https://www.suse.com/security/cve/CVE-2021-47558"
},
{
"category": "external",
"summary": "SUSE Bug 1225492 for CVE-2021-47558",
"url": "https://bugzilla.suse.com/1225492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47558"
},
{
"cve": "CVE-2021-47559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()\n\nCoverity reports a possible NULL dereferencing problem:\n\nin smc_vlan_by_tcpsk():\n6. returned_null: netdev_lower_get_next returns NULL (checked 29 out of 30 times).\n7. var_assigned: Assigning: ndev = NULL return value from netdev_lower_get_next.\n1623 ndev = (struct net_device *)netdev_lower_get_next(ndev, \u0026lower);\nCID 1468509 (#1 of 1): Dereference null return value (NULL_RETURNS)\n8. dereference: Dereferencing a pointer that might be NULL ndev when calling is_vlan_dev.\n1624 if (is_vlan_dev(ndev)) {\n\nRemove the manual implementation and use netdev_walk_all_lower_dev() to\niterate over the lower devices. While on it remove an obsolete function\nparameter comment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47559",
"url": "https://www.suse.com/security/cve/CVE-2021-47559"
},
{
"category": "external",
"summary": "SUSE Bug 1225396 for CVE-2021-47559",
"url": "https://bugzilla.suse.com/1225396"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47559"
},
{
"cve": "CVE-2021-47560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum: Protect driver from buggy firmware\n\nWhen processing port up/down events generated by the device\u0027s firmware,\nthe driver protects itself from events reported for non-existent local\nports, but not the CPU port (local port 0), which exists, but lacks a\nnetdev.\n\nThis can result in a NULL pointer dereference when calling\nnetif_carrier_{on,off}().\n\nFix this by bailing early when processing an event reported for the CPU\nport. Problem was only observed when running on top of a buggy emulator.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47560",
"url": "https://www.suse.com/security/cve/CVE-2021-47560"
},
{
"category": "external",
"summary": "SUSE Bug 1225495 for CVE-2021-47560",
"url": "https://bugzilla.suse.com/1225495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47560"
},
{
"cve": "CVE-2021-47562",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47562"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix vsi-\u003etxq_map sizing\n\nThe approach of having XDP queue per CPU regardless of user\u0027s setting\nexposed a hidden bug that could occur in case when Rx queue count differ\nfrom Tx queue count. Currently vsi-\u003etxq_map\u0027s size is equal to the\ndoubled vsi-\u003ealloc_txq, which is not correct due to the fact that XDP\nrings were previously based on the Rx queue count. Below splat can be\nseen when ethtool -L is used and XDP rings are configured:\n\n[ 682.875339] BUG: kernel NULL pointer dereference, address: 000000000000000f\n[ 682.883403] #PF: supervisor read access in kernel mode\n[ 682.889345] #PF: error_code(0x0000) - not-present page\n[ 682.895289] PGD 0 P4D 0\n[ 682.898218] Oops: 0000 [#1] PREEMPT SMP PTI\n[ 682.903055] CPU: 42 PID: 2878 Comm: ethtool Tainted: G OE 5.15.0-rc5+ #1\n[ 682.912214] Hardware name: Intel Corp. GRANTLEY/GRANTLEY, BIOS GRRFCRB1.86B.0276.D07.1605190235 05/19/2016\n[ 682.923380] RIP: 0010:devres_remove+0x44/0x130\n[ 682.928527] Code: 49 89 f4 55 48 89 fd 4c 89 ff 53 48 83 ec 10 e8 92 b9 49 00 48 8b 9d a8 02 00 00 48 8d 8d a0 02 00 00 49 89 c2 48 39 cb 74 0f \u003c4c\u003e 3b 63 10 74 25 48 8b 5b 08 48 39 cb 75 f1 4c 89 ff 4c 89 d6 e8\n[ 682.950237] RSP: 0018:ffffc90006a679f0 EFLAGS: 00010002\n[ 682.956285] RAX: 0000000000000286 RBX: ffffffffffffffff RCX: ffff88908343a370\n[ 682.964538] RDX: 0000000000000001 RSI: ffffffff81690d60 RDI: 0000000000000000\n[ 682.972789] RBP: ffff88908343a0d0 R08: 0000000000000000 R09: 0000000000000000\n[ 682.981040] R10: 0000000000000286 R11: 3fffffffffffffff R12: ffffffff81690d60\n[ 682.989282] R13: ffffffff81690a00 R14: ffff8890819807a8 R15: ffff88908343a36c\n[ 682.997535] FS: 00007f08c7bfa740(0000) GS:ffff88a03fd00000(0000) knlGS:0000000000000000\n[ 683.006910] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 683.013557] CR2: 000000000000000f CR3: 0000001080a66003 CR4: 00000000003706e0\n[ 683.021819] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 683.030075] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 683.038336] Call Trace:\n[ 683.041167] devm_kfree+0x33/0x50\n[ 683.045004] ice_vsi_free_arrays+0x5e/0xc0 [ice]\n[ 683.050380] ice_vsi_rebuild+0x4c8/0x750 [ice]\n[ 683.055543] ice_vsi_recfg_qs+0x9a/0x110 [ice]\n[ 683.060697] ice_set_channels+0x14f/0x290 [ice]\n[ 683.065962] ethnl_set_channels+0x333/0x3f0\n[ 683.070807] genl_family_rcv_msg_doit+0xea/0x150\n[ 683.076152] genl_rcv_msg+0xde/0x1d0\n[ 683.080289] ? channels_prepare_data+0x60/0x60\n[ 683.085432] ? genl_get_cmd+0xd0/0xd0\n[ 683.089667] netlink_rcv_skb+0x50/0xf0\n[ 683.094006] genl_rcv+0x24/0x40\n[ 683.097638] netlink_unicast+0x239/0x340\n[ 683.102177] netlink_sendmsg+0x22e/0x470\n[ 683.106717] sock_sendmsg+0x5e/0x60\n[ 683.110756] __sys_sendto+0xee/0x150\n[ 683.114894] ? handle_mm_fault+0xd0/0x2a0\n[ 683.119535] ? do_user_addr_fault+0x1f3/0x690\n[ 683.134173] __x64_sys_sendto+0x25/0x30\n[ 683.148231] do_syscall_64+0x3b/0xc0\n[ 683.161992] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nFix this by taking into account the value that num_possible_cpus()\nyields in addition to vsi-\u003ealloc_txq instead of doubling the latter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47562",
"url": "https://www.suse.com/security/cve/CVE-2021-47562"
},
{
"category": "external",
"summary": "SUSE Bug 1225499 for CVE-2021-47562",
"url": "https://bugzilla.suse.com/1225499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47562"
},
{
"cve": "CVE-2021-47563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: avoid bpf_prog refcount underflow\n\nIce driver has the routines for managing XDP resources that are shared\nbetween ndo_bpf op and VSI rebuild flow. The latter takes place for\nexample when user changes queue count on an interface via ethtool\u0027s\nset_channels().\n\nThere is an issue around the bpf_prog refcounting when VSI is being\nrebuilt - since ice_prepare_xdp_rings() is called with vsi-\u003exdp_prog as\nan argument that is used later on by ice_vsi_assign_bpf_prog(), same\nbpf_prog pointers are swapped with each other. Then it is also\ninterpreted as an \u0027old_prog\u0027 which in turn causes us to call\nbpf_prog_put on it that will decrement its refcount.\n\nBelow splat can be interpreted in a way that due to zero refcount of a\nbpf_prog it is wiped out from the system while kernel still tries to\nrefer to it:\n\n[ 481.069429] BUG: unable to handle page fault for address: ffffc9000640f038\n[ 481.077390] #PF: supervisor read access in kernel mode\n[ 481.083335] #PF: error_code(0x0000) - not-present page\n[ 481.089276] PGD 100000067 P4D 100000067 PUD 1001cb067 PMD 106d2b067 PTE 0\n[ 481.097141] Oops: 0000 [#1] PREEMPT SMP PTI\n[ 481.101980] CPU: 12 PID: 3339 Comm: sudo Tainted: G OE 5.15.0-rc5+ #1\n[ 481.110840] Hardware name: Intel Corp. GRANTLEY/GRANTLEY, BIOS GRRFCRB1.86B.0276.D07.1605190235 05/19/2016\n[ 481.122021] RIP: 0010:dev_xdp_prog_id+0x25/0x40\n[ 481.127265] Code: 80 00 00 00 00 0f 1f 44 00 00 89 f6 48 c1 e6 04 48 01 fe 48 8b 86 98 08 00 00 48 85 c0 74 13 48 8b 50 18 31 c0 48 85 d2 74 07 \u003c48\u003e 8b 42 38 8b 40 20 c3 48 8b 96 90 08 00 00 eb e8 66 2e 0f 1f 84\n[ 481.148991] RSP: 0018:ffffc90007b63868 EFLAGS: 00010286\n[ 481.155034] RAX: 0000000000000000 RBX: ffff889080824000 RCX: 0000000000000000\n[ 481.163278] RDX: ffffc9000640f000 RSI: ffff889080824010 RDI: ffff889080824000\n[ 481.171527] RBP: ffff888107af7d00 R08: 0000000000000000 R09: ffff88810db5f6e0\n[ 481.179776] R10: 0000000000000000 R11: ffff8890885b9988 R12: ffff88810db5f4bc\n[ 481.188026] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 481.196276] FS: 00007f5466d5bec0(0000) GS:ffff88903fb00000(0000) knlGS:0000000000000000\n[ 481.205633] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 481.212279] CR2: ffffc9000640f038 CR3: 000000014429c006 CR4: 00000000003706e0\n[ 481.220530] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 481.228771] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 481.237029] Call Trace:\n[ 481.239856] rtnl_fill_ifinfo+0x768/0x12e0\n[ 481.244602] rtnl_dump_ifinfo+0x525/0x650\n[ 481.249246] ? __alloc_skb+0xa5/0x280\n[ 481.253484] netlink_dump+0x168/0x3c0\n[ 481.257725] netlink_recvmsg+0x21e/0x3e0\n[ 481.262263] ____sys_recvmsg+0x87/0x170\n[ 481.266707] ? __might_fault+0x20/0x30\n[ 481.271046] ? _copy_from_user+0x66/0xa0\n[ 481.275591] ? iovec_from_user+0xf6/0x1c0\n[ 481.280226] ___sys_recvmsg+0x82/0x100\n[ 481.284566] ? sock_sendmsg+0x5e/0x60\n[ 481.288791] ? __sys_sendto+0xee/0x150\n[ 481.293129] __sys_recvmsg+0x56/0xa0\n[ 481.297267] do_syscall_64+0x3b/0xc0\n[ 481.301395] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 481.307238] RIP: 0033:0x7f5466f39617\n[ 481.311373] Code: 0c 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb bd 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2f 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10\n[ 481.342944] RSP: 002b:00007ffedc7f4308 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\n[ 481.361783] RAX: ffffffffffffffda RBX: 00007ffedc7f5460 RCX: 00007f5466f39617\n[ 481.380278] RDX: 0000000000000000 RSI: 00007ffedc7f5360 RDI: 0000000000000003\n[ 481.398500] RBP: 00007ffedc7f53f0 R08: 0000000000000000 R09: 000055d556f04d50\n[ 481.416463] R10: 0000000000000077 R11: 0000000000000246 R12: 00007ffedc7f5360\n[ 481.434131] R13: 00007ffedc7f5350 R14: 00007ffedc7f5344 R15: 0000000000000e98\n[ 481.451520] Modules linked in: ice\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47563",
"url": "https://www.suse.com/security/cve/CVE-2021-47563"
},
{
"category": "external",
"summary": "SUSE Bug 1225500 for CVE-2021-47563",
"url": "https://bugzilla.suse.com/1225500"
},
{
"category": "external",
"summary": "SUSE Bug 1227695 for CVE-2021-47563",
"url": "https://bugzilla.suse.com/1227695"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2021-47563"
},
{
"cve": "CVE-2021-47564",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47564"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: marvell: prestera: fix double free issue on err path\n\nfix error path handling in prestera_bridge_port_join() that\ncases prestera driver to crash (see below).\n\n Trace:\n Internal error: Oops: 96000044 [#1] SMP\n Modules linked in: prestera_pci prestera uio_pdrv_genirq\n CPU: 1 PID: 881 Comm: ip Not tainted 5.15.0 #1\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : prestera_bridge_destroy+0x2c/0xb0 [prestera]\n lr : prestera_bridge_port_join+0x2cc/0x350 [prestera]\n sp : ffff800011a1b0f0\n ...\n x2 : ffff000109ca6c80 x1 : dead000000000100 x0 : dead000000000122\n Call trace:\n prestera_bridge_destroy+0x2c/0xb0 [prestera]\n prestera_bridge_port_join+0x2cc/0x350 [prestera]\n prestera_netdev_port_event.constprop.0+0x3c4/0x450 [prestera]\n prestera_netdev_event_handler+0xf4/0x110 [prestera]\n raw_notifier_call_chain+0x54/0x80\n call_netdevice_notifiers_info+0x54/0xa0\n __netdev_upper_dev_link+0x19c/0x380",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47564",
"url": "https://www.suse.com/security/cve/CVE-2021-47564"
},
{
"category": "external",
"summary": "SUSE Bug 1225501 for CVE-2021-47564",
"url": "https://bugzilla.suse.com/1225501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47564"
},
{
"cve": "CVE-2021-47565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix kernel panic during drive powercycle test\n\nWhile looping over shost\u0027s sdev list it is possible that one\nof the drives is getting removed and its sas_target object is\nfreed but its sdev object remains intact.\n\nConsequently, a kernel panic can occur while the driver is trying to access\nthe sas_address field of sas_target object without also checking the\nsas_target object for NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47565",
"url": "https://www.suse.com/security/cve/CVE-2021-47565"
},
{
"category": "external",
"summary": "SUSE Bug 1225384 for CVE-2021-47565",
"url": "https://bugzilla.suse.com/1225384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2021-47565"
},
{
"cve": "CVE-2022-48632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()\n\nmemcpy() is called in a loop while \u0027operation-\u003elength\u0027 upper bound\nis not checked and \u0027data_idx\u0027 also increments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48632",
"url": "https://www.suse.com/security/cve/CVE-2022-48632"
},
{
"category": "external",
"summary": "SUSE Bug 1223481 for CVE-2022-48632",
"url": "https://bugzilla.suse.com/1223481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48632"
},
{
"cve": "CVE-2022-48634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gma500: Fix BUG: sleeping function called from invalid context errors\n\ngma_crtc_page_flip() was holding the event_lock spinlock while calling\ncrtc_funcs-\u003emode_set_base() which takes ww_mutex.\n\nThe only reason to hold event_lock is to clear gma_crtc-\u003epage_flip_event\non mode_set_base() errors.\n\nInstead unlock it after setting gma_crtc-\u003epage_flip_event and on\nerrors re-take the lock and clear gma_crtc-\u003epage_flip_event it\nit is still set.\n\nThis fixes the following WARN/stacktrace:\n\n[ 512.122953] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:870\n[ 512.123004] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 1253, name: gnome-shell\n[ 512.123031] preempt_count: 1, expected: 0\n[ 512.123048] RCU nest depth: 0, expected: 0\n[ 512.123066] INFO: lockdep is turned off.\n[ 512.123080] irq event stamp: 0\n[ 512.123094] hardirqs last enabled at (0): [\u003c0000000000000000\u003e] 0x0\n[ 512.123134] hardirqs last disabled at (0): [\u003cffffffff8d0ec28c\u003e] copy_process+0x9fc/0x1de0\n[ 512.123176] softirqs last enabled at (0): [\u003cffffffff8d0ec28c\u003e] copy_process+0x9fc/0x1de0\n[ 512.123207] softirqs last disabled at (0): [\u003c0000000000000000\u003e] 0x0\n[ 512.123233] Preemption disabled at:\n[ 512.123241] [\u003c0000000000000000\u003e] 0x0\n[ 512.123275] CPU: 3 PID: 1253 Comm: gnome-shell Tainted: G W 5.19.0+ #1\n[ 512.123304] Hardware name: Packard Bell dot s/SJE01_CT, BIOS V1.10 07/23/2013\n[ 512.123323] Call Trace:\n[ 512.123346] \u003cTASK\u003e\n[ 512.123370] dump_stack_lvl+0x5b/0x77\n[ 512.123412] __might_resched.cold+0xff/0x13a\n[ 512.123458] ww_mutex_lock+0x1e/0xa0\n[ 512.123495] psb_gem_pin+0x2c/0x150 [gma500_gfx]\n[ 512.123601] gma_pipe_set_base+0x76/0x240 [gma500_gfx]\n[ 512.123708] gma_crtc_page_flip+0x95/0x130 [gma500_gfx]\n[ 512.123808] drm_mode_page_flip_ioctl+0x57d/0x5d0\n[ 512.123897] ? drm_mode_cursor2_ioctl+0x10/0x10\n[ 512.123936] drm_ioctl_kernel+0xa1/0x150\n[ 512.123984] drm_ioctl+0x21f/0x420\n[ 512.124025] ? drm_mode_cursor2_ioctl+0x10/0x10\n[ 512.124070] ? rcu_read_lock_bh_held+0xb/0x60\n[ 512.124104] ? lock_release+0x1ef/0x2d0\n[ 512.124161] __x64_sys_ioctl+0x8d/0xd0\n[ 512.124203] do_syscall_64+0x58/0x80\n[ 512.124239] ? do_syscall_64+0x67/0x80\n[ 512.124267] ? trace_hardirqs_on_prepare+0x55/0xe0\n[ 512.124300] ? do_syscall_64+0x67/0x80\n[ 512.124340] ? rcu_read_lock_sched_held+0x10/0x80\n[ 512.124377] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[ 512.124411] RIP: 0033:0x7fcc4a70740f\n[ 512.124442] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 \u003c89\u003e c2 3d 00 f0 ff ff 77 18 48 8b 44 24 18 64 48 2b 04 25 28 00 00\n[ 512.124470] RSP: 002b:00007ffda73f5390 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n[ 512.124503] RAX: ffffffffffffffda RBX: 000055cc9e474500 RCX: 00007fcc4a70740f\n[ 512.124524] RDX: 00007ffda73f5420 RSI: 00000000c01864b0 RDI: 0000000000000009\n[ 512.124544] RBP: 00007ffda73f5420 R08: 000055cc9c0b0cb0 R09: 0000000000000034\n[ 512.124564] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000c01864b0\n[ 512.124584] R13: 0000000000000009 R14: 000055cc9df484d0 R15: 000055cc9af5d0c0\n[ 512.124647] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48634",
"url": "https://www.suse.com/security/cve/CVE-2022-48634"
},
{
"category": "external",
"summary": "SUSE Bug 1223501 for CVE-2022-48634",
"url": "https://bugzilla.suse.com/1223501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48634"
},
{
"cve": "CVE-2022-48636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48636"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup\n\nFix Oops in dasd_alias_get_start_dev() function caused by the pavgroup\npointer being NULL.\n\nThe pavgroup pointer is checked on the entrance of the function but\nwithout the lcu-\u003elock being held. Therefore there is a race window\nbetween dasd_alias_get_start_dev() and _lcu_update() which sets\npavgroup to NULL with the lcu-\u003elock held.\n\nFix by checking the pavgroup pointer with lcu-\u003elock held.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48636",
"url": "https://www.suse.com/security/cve/CVE-2022-48636"
},
{
"category": "external",
"summary": "SUSE Bug 1223512 for CVE-2022-48636",
"url": "https://bugzilla.suse.com/1223512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48636"
},
{
"cve": "CVE-2022-48652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48652"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix crash by keep old cfg when update TCs more than queues\n\nThere are problems if allocated queues less than Traffic Classes.\n\nCommit a632b2a4c920 (\"ice: ethtool: Prohibit improper channel config\nfor DCB\") already disallow setting less queues than TCs.\n\nAnother case is if we first set less queues, and later update more TCs\nconfig due to LLDP, ice_vsi_cfg_tc() will failed but left dirty\nnum_txq/rxq and tc_cfg in vsi, that will cause invalid pointer access.\n\n[ 95.968089] ice 0000:3b:00.1: More TCs defined than queues/rings allocated.\n[ 95.968092] ice 0000:3b:00.1: Trying to use more Rx queues (8), than were allocated (1)!\n[ 95.968093] ice 0000:3b:00.1: Failed to config TC for VSI index: 0\n[ 95.969621] general protection fault: 0000 [#1] SMP NOPTI\n[ 95.969705] CPU: 1 PID: 58405 Comm: lldpad Kdump: loaded Tainted: G U W O --------- -t - 4.18.0 #1\n[ 95.969867] Hardware name: O.E.M/BC11SPSCB10, BIOS 8.23 12/30/2021\n[ 95.969992] RIP: 0010:devm_kmalloc+0xa/0x60\n[ 95.970052] Code: 5c ff ff ff 31 c0 5b 5d 41 5c c3 b8 f4 ff ff ff eb f4 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 89 d1 \u003c8b\u003e 97 60 02 00 00 48 8d 7e 18 48 39 f7 72 3f 55 89 ce 53 48 8b 4c\n[ 95.970344] RSP: 0018:ffffc9003f553888 EFLAGS: 00010206\n[ 95.970425] RAX: dead000000000200 RBX: ffffea003c425b00 RCX: 00000000006080c0\n[ 95.970536] RDX: 00000000006080c0 RSI: 0000000000000200 RDI: dead000000000200\n[ 95.970648] RBP: dead000000000200 R08: 00000000000463c0 R09: ffff888ffa900000\n[ 95.970760] R10: 0000000000000000 R11: 0000000000000002 R12: ffff888ff6b40100\n[ 95.970870] R13: ffff888ff6a55018 R14: 0000000000000000 R15: ffff888ff6a55460\n[ 95.970981] FS: 00007f51b7d24700(0000) GS:ffff88903ee80000(0000) knlGS:0000000000000000\n[ 95.971108] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 95.971197] CR2: 00007fac5410d710 CR3: 0000000f2c1de002 CR4: 00000000007606e0\n[ 95.971309] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 95.971419] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 95.971530] PKRU: 55555554\n[ 95.971573] Call Trace:\n[ 95.971622] ice_setup_rx_ring+0x39/0x110 [ice]\n[ 95.971695] ice_vsi_setup_rx_rings+0x54/0x90 [ice]\n[ 95.971774] ice_vsi_open+0x25/0x120 [ice]\n[ 95.971843] ice_open_internal+0xb8/0x1f0 [ice]\n[ 95.971919] ice_ena_vsi+0x4f/0xd0 [ice]\n[ 95.971987] ice_dcb_ena_dis_vsi.constprop.5+0x29/0x90 [ice]\n[ 95.972082] ice_pf_dcb_cfg+0x29a/0x380 [ice]\n[ 95.972154] ice_dcbnl_setets+0x174/0x1b0 [ice]\n[ 95.972220] dcbnl_ieee_set+0x89/0x230\n[ 95.972279] ? dcbnl_ieee_del+0x150/0x150\n[ 95.972341] dcb_doit+0x124/0x1b0\n[ 95.972392] rtnetlink_rcv_msg+0x243/0x2f0\n[ 95.972457] ? dcb_doit+0x14d/0x1b0\n[ 95.972510] ? __kmalloc_node_track_caller+0x1d3/0x280\n[ 95.972591] ? rtnl_calcit.isra.31+0x100/0x100\n[ 95.972661] netlink_rcv_skb+0xcf/0xf0\n[ 95.972720] netlink_unicast+0x16d/0x220\n[ 95.972781] netlink_sendmsg+0x2ba/0x3a0\n[ 95.975891] sock_sendmsg+0x4c/0x50\n[ 95.979032] ___sys_sendmsg+0x2e4/0x300\n[ 95.982147] ? kmem_cache_alloc+0x13e/0x190\n[ 95.985242] ? __wake_up_common_lock+0x79/0x90\n[ 95.988338] ? __check_object_size+0xac/0x1b0\n[ 95.991440] ? _copy_to_user+0x22/0x30\n[ 95.994539] ? move_addr_to_user+0xbb/0xd0\n[ 95.997619] ? __sys_sendmsg+0x53/0x80\n[ 96.000664] __sys_sendmsg+0x53/0x80\n[ 96.003747] do_syscall_64+0x5b/0x1d0\n[ 96.006862] entry_SYSCALL_64_after_hwframe+0x65/0xca\n\nOnly update num_txq/rxq when passed check, and restore tc_cfg if setup\nqueue map failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48652",
"url": "https://www.suse.com/security/cve/CVE-2022-48652"
},
{
"category": "external",
"summary": "SUSE Bug 1223520 for CVE-2022-48652",
"url": "https://bugzilla.suse.com/1223520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48652"
},
{
"cve": "CVE-2022-48671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()\n\nsyzbot is hitting percpu_rwsem_assert_held(\u0026cpu_hotplug_lock) warning at\ncpuset_attach() [1], for commit 4f7e7236435ca0ab (\"cgroup: Fix\nthreadgroup_rwsem \u003c-\u003e cpus_read_lock() deadlock\") missed that\ncpuset_attach() is also called from cgroup_attach_task_all().\nAdd cpus_read_lock() like what cgroup_procs_write_start() does.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48671",
"url": "https://www.suse.com/security/cve/CVE-2022-48671"
},
{
"category": "external",
"summary": "SUSE Bug 1223929 for CVE-2022-48671",
"url": "https://bugzilla.suse.com/1223929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48671"
},
{
"cve": "CVE-2022-48672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48672"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: fdt: fix off-by-one error in unflatten_dt_nodes()\n\nCommit 78c44d910d3e (\"drivers/of: Fix depth when unflattening devicetree\")\nforgot to fix up the depth check in the loop body in unflatten_dt_nodes()\nwhich makes it possible to overflow the nps[] buffer...\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48672",
"url": "https://www.suse.com/security/cve/CVE-2022-48672"
},
{
"category": "external",
"summary": "SUSE Bug 1223931 for CVE-2022-48672",
"url": "https://bugzilla.suse.com/1223931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48672"
},
{
"cve": "CVE-2022-48673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: Fix possible access to freed memory in link clear\n\nAfter modifying the QP to the Error state, all RX WR would be completed\nwith WC in IB_WC_WR_FLUSH_ERR status. Current implementation does not\nwait for it is done, but destroy the QP and free the link group directly.\nSo there is a risk that accessing the freed memory in tasklet context.\n\nHere is a crash example:\n\n BUG: unable to handle page fault for address: ffffffff8f220860\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD f7300e067 P4D f7300e067 PUD f7300f063 PMD 8c4e45063 PTE 800ffff08c9df060\n Oops: 0002 [#1] SMP PTI\n CPU: 1 PID: 0 Comm: swapper/1 Kdump: loaded Tainted: G S OE 5.10.0-0607+ #23\n Hardware name: Inspur NF5280M4/YZMB-00689-101, BIOS 4.1.20 07/09/2018\n RIP: 0010:native_queued_spin_lock_slowpath+0x176/0x1b0\n Code: f3 90 48 8b 32 48 85 f6 74 f6 eb d5 c1 ee 12 83 e0 03 83 ee 01 48 c1 e0 05 48 63 f6 48 05 00 c8 02 00 48 03 04 f5 00 09 98 8e \u003c48\u003e 89 10 8b 42 08 85 c0 75 09 f3 90 8b 42 08 85 c0 74 f7 48 8b 32\n RSP: 0018:ffffb3b6c001ebd8 EFLAGS: 00010086\n RAX: ffffffff8f220860 RBX: 0000000000000246 RCX: 0000000000080000\n RDX: ffff91db1f86c800 RSI: 000000000000173c RDI: ffff91db62bace00\n RBP: ffff91db62bacc00 R08: 0000000000000000 R09: c00000010000028b\n R10: 0000000000055198 R11: ffffb3b6c001ea58 R12: ffff91db80e05010\n R13: 000000000000000a R14: 0000000000000006 R15: 0000000000000040\n FS: 0000000000000000(0000) GS:ffff91db1f840000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffffff8f220860 CR3: 00000001f9580004 CR4: 00000000003706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cIRQ\u003e\n _raw_spin_lock_irqsave+0x30/0x40\n mlx5_ib_poll_cq+0x4c/0xc50 [mlx5_ib]\n smc_wr_rx_tasklet_fn+0x56/0xa0 [smc]\n tasklet_action_common.isra.21+0x66/0x100\n __do_softirq+0xd5/0x29c\n asm_call_irq_on_stack+0x12/0x20\n \u003c/IRQ\u003e\n do_softirq_own_stack+0x37/0x40\n irq_exit_rcu+0x9d/0xa0\n sysvec_call_function_single+0x34/0x80\n asm_sysvec_call_function_single+0x12/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48673",
"url": "https://www.suse.com/security/cve/CVE-2022-48673"
},
{
"category": "external",
"summary": "SUSE Bug 1223934 for CVE-2022-48673",
"url": "https://bugzilla.suse.com/1223934"
},
{
"category": "external",
"summary": "SUSE Bug 1223940 for CVE-2022-48673",
"url": "https://bugzilla.suse.com/1223940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48673"
},
{
"cve": "CVE-2022-48675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/core: Fix a nested dead lock as part of ODP flow\n\nFix a nested dead lock as part of ODP flow by using mmput_async().\n\nFrom the below call trace [1] can see that calling mmput() once we have\nthe umem_odp-\u003eumem_mutex locked as required by\nib_umem_odp_map_dma_and_lock() might trigger in the same task the\nexit_mmap()-\u003e__mmu_notifier_release()-\u003emlx5_ib_invalidate_range() which\nmay dead lock when trying to lock the same mutex.\n\nMoving to use mmput_async() will solve the problem as the above\nexit_mmap() flow will be called in other task and will be executed once\nthe lock will be available.\n\n[1]\n[64843.077665] task:kworker/u133:2 state:D stack: 0 pid:80906 ppid:\n2 flags:0x00004000\n[64843.077672] Workqueue: mlx5_ib_page_fault mlx5_ib_eqe_pf_action [mlx5_ib]\n[64843.077719] Call Trace:\n[64843.077722] \u003cTASK\u003e\n[64843.077724] __schedule+0x23d/0x590\n[64843.077729] schedule+0x4e/0xb0\n[64843.077735] schedule_preempt_disabled+0xe/0x10\n[64843.077740] __mutex_lock.constprop.0+0x263/0x490\n[64843.077747] __mutex_lock_slowpath+0x13/0x20\n[64843.077752] mutex_lock+0x34/0x40\n[64843.077758] mlx5_ib_invalidate_range+0x48/0x270 [mlx5_ib]\n[64843.077808] __mmu_notifier_release+0x1a4/0x200\n[64843.077816] exit_mmap+0x1bc/0x200\n[64843.077822] ? walk_page_range+0x9c/0x120\n[64843.077828] ? __cond_resched+0x1a/0x50\n[64843.077833] ? mutex_lock+0x13/0x40\n[64843.077839] ? uprobe_clear_state+0xac/0x120\n[64843.077860] mmput+0x5f/0x140\n[64843.077867] ib_umem_odp_map_dma_and_lock+0x21b/0x580 [ib_core]\n[64843.077931] pagefault_real_mr+0x9a/0x140 [mlx5_ib]\n[64843.077962] pagefault_mr+0xb4/0x550 [mlx5_ib]\n[64843.077992] pagefault_single_data_segment.constprop.0+0x2ac/0x560\n[mlx5_ib]\n[64843.078022] mlx5_ib_eqe_pf_action+0x528/0x780 [mlx5_ib]\n[64843.078051] process_one_work+0x22b/0x3d0\n[64843.078059] worker_thread+0x53/0x410\n[64843.078065] ? process_one_work+0x3d0/0x3d0\n[64843.078073] kthread+0x12a/0x150\n[64843.078079] ? set_kthread_struct+0x50/0x50\n[64843.078085] ret_from_fork+0x22/0x30\n[64843.078093] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48675",
"url": "https://www.suse.com/security/cve/CVE-2022-48675"
},
{
"category": "external",
"summary": "SUSE Bug 1223894 for CVE-2022-48675",
"url": "https://bugzilla.suse.com/1223894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48675"
},
{
"cve": "CVE-2022-48686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix UAF when detecting digest errors\n\nWe should also bail from the io_work loop when we set rd_enabled to true,\nso we don\u0027t attempt to read data from the socket when the TCP stream is\nalready out-of-sync or corrupted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48686",
"url": "https://www.suse.com/security/cve/CVE-2022-48686"
},
{
"category": "external",
"summary": "SUSE Bug 1223948 for CVE-2022-48686",
"url": "https://bugzilla.suse.com/1223948"
},
{
"category": "external",
"summary": "SUSE Bug 1226337 for CVE-2022-48686",
"url": "https://bugzilla.suse.com/1226337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2022-48686"
},
{
"cve": "CVE-2022-48687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix out-of-bounds read when setting HMAC data.\n\nThe SRv6 layer allows defining HMAC data that can later be used to sign IPv6\nSegment Routing Headers. This configuration is realised via netlink through\nfour attributes: SEG6_ATTR_HMACKEYID, SEG6_ATTR_SECRET, SEG6_ATTR_SECRETLEN and\nSEG6_ATTR_ALGID. Because the SECRETLEN attribute is decoupled from the actual\nlength of the SECRET attribute, it is possible to provide invalid combinations\n(e.g., secret = \"\", secretlen = 64). This case is not checked in the code and\nwith an appropriately crafted netlink message, an out-of-bounds read of up\nto 64 bytes (max secret length) can occur past the skb end pointer and into\nskb_shared_info:\n\nBreakpoint 1, seg6_genl_sethmac (skb=\u003coptimized out\u003e, info=\u003coptimized out\u003e) at net/ipv6/seg6.c:208\n208\t\tmemcpy(hinfo-\u003esecret, secret, slen);\n(gdb) bt\n #0 seg6_genl_sethmac (skb=\u003coptimized out\u003e, info=\u003coptimized out\u003e) at net/ipv6/seg6.c:208\n #1 0xffffffff81e012e9 in genl_family_rcv_msg_doit (skb=skb@entry=0xffff88800b1f9f00, nlh=nlh@entry=0xffff88800b1b7600,\n extack=extack@entry=0xffffc90000ba7af0, ops=ops@entry=0xffffc90000ba7a80, hdrlen=4, net=0xffffffff84237580 \u003cinit_net\u003e, family=\u003coptimized out\u003e,\n family=\u003coptimized out\u003e) at net/netlink/genetlink.c:731\n #2 0xffffffff81e01435 in genl_family_rcv_msg (extack=0xffffc90000ba7af0, nlh=0xffff88800b1b7600, skb=0xffff88800b1f9f00,\n family=0xffffffff82fef6c0 \u003cseg6_genl_family\u003e) at net/netlink/genetlink.c:775\n #3 genl_rcv_msg (skb=0xffff88800b1f9f00, nlh=0xffff88800b1b7600, extack=0xffffc90000ba7af0) at net/netlink/genetlink.c:792\n #4 0xffffffff81dfffc3 in netlink_rcv_skb (skb=skb@entry=0xffff88800b1f9f00, cb=cb@entry=0xffffffff81e01350 \u003cgenl_rcv_msg\u003e)\n at net/netlink/af_netlink.c:2501\n #5 0xffffffff81e00919 in genl_rcv (skb=0xffff88800b1f9f00) at net/netlink/genetlink.c:803\n #6 0xffffffff81dff6ae in netlink_unicast_kernel (ssk=0xffff888010eec800, skb=0xffff88800b1f9f00, sk=0xffff888004aed000)\n at net/netlink/af_netlink.c:1319\n #7 netlink_unicast (ssk=ssk@entry=0xffff888010eec800, skb=skb@entry=0xffff88800b1f9f00, portid=portid@entry=0, nonblock=\u003coptimized out\u003e)\n at net/netlink/af_netlink.c:1345\n #8 0xffffffff81dff9a4 in netlink_sendmsg (sock=\u003coptimized out\u003e, msg=0xffffc90000ba7e48, len=\u003coptimized out\u003e) at net/netlink/af_netlink.c:1921\n...\n(gdb) p/x ((struct sk_buff *)0xffff88800b1f9f00)-\u003ehead + ((struct sk_buff *)0xffff88800b1f9f00)-\u003eend\n$1 = 0xffff88800b1b76c0\n(gdb) p/x secret\n$2 = 0xffff88800b1b76c0\n(gdb) p slen\n$3 = 64 \u0027@\u0027\n\nThe OOB data can then be read back from userspace by dumping HMAC state. This\ncommit fixes this by ensuring SECRETLEN cannot exceed the actual length of\nSECRET.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48687",
"url": "https://www.suse.com/security/cve/CVE-2022-48687"
},
{
"category": "external",
"summary": "SUSE Bug 1223952 for CVE-2022-48687",
"url": "https://bugzilla.suse.com/1223952"
},
{
"category": "external",
"summary": "SUSE Bug 1224043 for CVE-2022-48687",
"url": "https://bugzilla.suse.com/1224043"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2022-48687"
},
{
"cve": "CVE-2022-48688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48688"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix kernel crash during module removal\n\nThe driver incorrectly frees client instance and subsequent\ni40e module removal leads to kernel crash.\n\nReproducer:\n1. Do ethtool offline test followed immediately by another one\nhost# ethtool -t eth0 offline; ethtool -t eth0 offline\n2. Remove recursively irdma module that also removes i40e module\nhost# modprobe -r irdma\n\nResult:\n[ 8675.035651] i40e 0000:3d:00.0 eno1: offline testing starting\n[ 8675.193774] i40e 0000:3d:00.0 eno1: testing finished\n[ 8675.201316] i40e 0000:3d:00.0 eno1: offline testing starting\n[ 8675.358921] i40e 0000:3d:00.0 eno1: testing finished\n[ 8675.496921] i40e 0000:3d:00.0: IRDMA hardware initialization FAILED init_state=2 status=-110\n[ 8686.188955] i40e 0000:3d:00.1: i40e_ptp_stop: removed PHC on eno2\n[ 8686.943890] i40e 0000:3d:00.1: Deleted LAN device PF1 bus=0x3d dev=0x00 func=0x01\n[ 8686.952669] i40e 0000:3d:00.0: i40e_ptp_stop: removed PHC on eno1\n[ 8687.761787] BUG: kernel NULL pointer dereference, address: 0000000000000030\n[ 8687.768755] #PF: supervisor read access in kernel mode\n[ 8687.773895] #PF: error_code(0x0000) - not-present page\n[ 8687.779034] PGD 0 P4D 0\n[ 8687.781575] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 8687.785935] CPU: 51 PID: 172891 Comm: rmmod Kdump: loaded Tainted: G W I 5.19.0+ #2\n[ 8687.794800] Hardware name: Intel Corporation S2600WFD/S2600WFD, BIOS SE5C620.86B.0X.02.0001.051420190324 05/14/2019\n[ 8687.805222] RIP: 0010:i40e_lan_del_device+0x13/0xb0 [i40e]\n[ 8687.810719] Code: d4 84 c0 0f 84 b8 25 01 00 e9 9c 25 01 00 41 bc f4 ff ff ff eb 91 90 0f 1f 44 00 00 41 54 55 53 48 8b 87 58 08 00 00 48 89 fb \u003c48\u003e 8b 68 30 48 89 ef e8 21 8a 0f d5 48 89 ef e8 a9 78 0f d5 48 8b\n[ 8687.829462] RSP: 0018:ffffa604072efce0 EFLAGS: 00010202\n[ 8687.834689] RAX: 0000000000000000 RBX: ffff8f43833b2000 RCX: 0000000000000000\n[ 8687.841821] RDX: 0000000000000000 RSI: ffff8f4b0545b298 RDI: ffff8f43833b2000\n[ 8687.848955] RBP: ffff8f43833b2000 R08: 0000000000000001 R09: 0000000000000000\n[ 8687.856086] R10: 0000000000000000 R11: 000ffffffffff000 R12: ffff8f43833b2ef0\n[ 8687.863218] R13: ffff8f43833b2ef0 R14: ffff915103966000 R15: ffff8f43833b2008\n[ 8687.870342] FS: 00007f79501c3740(0000) GS:ffff8f4adffc0000(0000) knlGS:0000000000000000\n[ 8687.878427] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8687.884174] CR2: 0000000000000030 CR3: 000000014276e004 CR4: 00000000007706e0\n[ 8687.891306] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 8687.898441] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 8687.905572] PKRU: 55555554\n[ 8687.908286] Call Trace:\n[ 8687.910737] \u003cTASK\u003e\n[ 8687.912843] i40e_remove+0x2c0/0x330 [i40e]\n[ 8687.917040] pci_device_remove+0x33/0xa0\n[ 8687.920962] device_release_driver_internal+0x1aa/0x230\n[ 8687.926188] driver_detach+0x44/0x90\n[ 8687.929770] bus_remove_driver+0x55/0xe0\n[ 8687.933693] pci_unregister_driver+0x2a/0xb0\n[ 8687.937967] i40e_exit_module+0xc/0xf48 [i40e]\n\nTwo offline tests cause IRDMA driver failure (ETIMEDOUT) and this\nfailure is indicated back to i40e_client_subtask() that calls\ni40e_client_del_instance() to free client instance referenced\nby pf-\u003ecinst and sets this pointer to NULL. During the module\nremoval i40e_remove() calls i40e_lan_del_device() that dereferences\npf-\u003ecinst that is NULL -\u003e crash.\nDo not remove client instance when client open callbacks fails and\njust clear __I40E_CLIENT_INSTANCE_OPENED bit. The driver also needs\nto take care about this situation (when netdev is up and client\nis NOT opened) in i40e_notify_client_of_netdev_close() and\ncalls client close callback only when __I40E_CLIENT_INSTANCE_OPENED\nis set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48688",
"url": "https://www.suse.com/security/cve/CVE-2022-48688"
},
{
"category": "external",
"summary": "SUSE Bug 1223953 for CVE-2022-48688",
"url": "https://bugzilla.suse.com/1223953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48688"
},
{
"cve": "CVE-2022-48692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48692"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/srp: Set scmnd-\u003eresult only when scmnd is not NULL\n\nThis change fixes the following kernel NULL pointer dereference\nwhich is reproduced by blktests srp/007 occasionally.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000170\nPGD 0 P4D 0\nOops: 0002 [#1] PREEMPT SMP NOPTI\nCPU: 0 PID: 9 Comm: kworker/0:1H Kdump: loaded Not tainted 6.0.0-rc1+ #37\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.15.0-29-g6a62e0cb0dfe-prebuilt.qemu.org 04/01/2014\nWorkqueue: 0x0 (kblockd)\nRIP: 0010:srp_recv_done+0x176/0x500 [ib_srp]\nCode: 00 4d 85 ff 0f 84 52 02 00 00 48 c7 82 80 02 00 00 00 00 00 00 4c 89 df 4c 89 14 24 e8 53 d3 4a f6 4c 8b 14 24 41 0f b6 42 13 \u003c41\u003e 89 87 70 01 00 00 41 0f b6 52 12 f6 c2 02 74 44 41 8b 42 1c b9\nRSP: 0018:ffffaef7c0003e28 EFLAGS: 00000282\nRAX: 0000000000000000 RBX: ffff9bc9486dea60 RCX: 0000000000000000\nRDX: 0000000000000102 RSI: ffffffffb76bbd0e RDI: 00000000ffffffff\nRBP: ffff9bc980099a00 R08: 0000000000000001 R09: 0000000000000001\nR10: ffff9bca53ef0000 R11: ffff9bc980099a10 R12: ffff9bc956e14000\nR13: ffff9bc9836b9cb0 R14: ffff9bc9557b4480 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffff9bc97ec00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000170 CR3: 0000000007e04000 CR4: 00000000000006f0\nCall Trace:\n \u003cIRQ\u003e\n __ib_process_cq+0xb7/0x280 [ib_core]\n ib_poll_handler+0x2b/0x130 [ib_core]\n irq_poll_softirq+0x93/0x150\n __do_softirq+0xee/0x4b8\n irq_exit_rcu+0xf7/0x130\n sysvec_apic_timer_interrupt+0x8e/0xc0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48692",
"url": "https://www.suse.com/security/cve/CVE-2022-48692"
},
{
"category": "external",
"summary": "SUSE Bug 1223962 for CVE-2022-48692",
"url": "https://bugzilla.suse.com/1223962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48692"
},
{
"cve": "CVE-2022-48693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs\n\nIn brcmstb_pm_probe(), there are two kinds of leak bugs:\n\n(1) we need to add of_node_put() when for_each__matching_node() breaks\n(2) we need to add iounmap() for each iomap in fail path",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48693",
"url": "https://www.suse.com/security/cve/CVE-2022-48693"
},
{
"category": "external",
"summary": "SUSE Bug 1223963 for CVE-2022-48693",
"url": "https://bugzilla.suse.com/1223963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48693"
},
{
"cve": "CVE-2022-48694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48694"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix drain SQ hang with no completion\n\nSW generated completions for outstanding WRs posted on SQ\nafter QP is in error target the wrong CQ. This causes the\nib_drain_sq to hang with no completion.\n\nFix this to generate completions on the right CQ.\n\n[ 863.969340] INFO: task kworker/u52:2:671 blocked for more than 122 seconds.\n[ 863.979224] Not tainted 5.14.0-130.el9.x86_64 #1\n[ 863.986588] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 863.996997] task:kworker/u52:2 state:D stack: 0 pid: 671 ppid: 2 flags:0x00004000\n[ 864.007272] Workqueue: xprtiod xprt_autoclose [sunrpc]\n[ 864.014056] Call Trace:\n[ 864.017575] __schedule+0x206/0x580\n[ 864.022296] schedule+0x43/0xa0\n[ 864.026736] schedule_timeout+0x115/0x150\n[ 864.032185] __wait_for_common+0x93/0x1d0\n[ 864.037717] ? usleep_range_state+0x90/0x90\n[ 864.043368] __ib_drain_sq+0xf6/0x170 [ib_core]\n[ 864.049371] ? __rdma_block_iter_next+0x80/0x80 [ib_core]\n[ 864.056240] ib_drain_sq+0x66/0x70 [ib_core]\n[ 864.062003] rpcrdma_xprt_disconnect+0x82/0x3b0 [rpcrdma]\n[ 864.069365] ? xprt_prepare_transmit+0x5d/0xc0 [sunrpc]\n[ 864.076386] xprt_rdma_close+0xe/0x30 [rpcrdma]\n[ 864.082593] xprt_autoclose+0x52/0x100 [sunrpc]\n[ 864.088718] process_one_work+0x1e8/0x3c0\n[ 864.094170] worker_thread+0x50/0x3b0\n[ 864.099109] ? rescuer_thread+0x370/0x370\n[ 864.104473] kthread+0x149/0x170\n[ 864.109022] ? set_kthread_struct+0x40/0x40\n[ 864.114713] ret_from_fork+0x22/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48694",
"url": "https://www.suse.com/security/cve/CVE-2022-48694"
},
{
"category": "external",
"summary": "SUSE Bug 1223964 for CVE-2022-48694",
"url": "https://bugzilla.suse.com/1223964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48694"
},
{
"cve": "CVE-2022-48695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48695"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix use-after-free warning\n\nFix the following use-after-free warning which is observed during\ncontroller reset:\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 23 PID: 5399 at lib/refcount.c:28 refcount_warn_saturate+0xa6/0xf0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48695",
"url": "https://www.suse.com/security/cve/CVE-2022-48695"
},
{
"category": "external",
"summary": "SUSE Bug 1223941 for CVE-2022-48695",
"url": "https://bugzilla.suse.com/1223941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48695"
},
{
"cve": "CVE-2022-48697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: fix a use-after-free\n\nFix the following use-after-free complaint triggered by blktests nvme/004:\n\nBUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350\nRead of size 4 at addr 0000607bd1835943 by task kworker/13:1/460\nWorkqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\nCall Trace:\n show_stack+0x52/0x58\n dump_stack_lvl+0x49/0x5e\n print_report.cold+0x36/0x1e2\n kasan_report+0xb9/0xf0\n __asan_load4+0x6b/0x80\n blk_mq_complete_request_remote+0xac/0x350\n nvme_loop_queue_response+0x1df/0x275 [nvme_loop]\n __nvmet_req_complete+0x132/0x4f0 [nvmet]\n nvmet_req_complete+0x15/0x40 [nvmet]\n nvmet_execute_io_connect+0x18a/0x1f0 [nvmet]\n nvme_loop_execute_work+0x20/0x30 [nvme_loop]\n process_one_work+0x56e/0xa70\n worker_thread+0x2d1/0x640\n kthread+0x183/0x1c0\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48697",
"url": "https://www.suse.com/security/cve/CVE-2022-48697"
},
{
"category": "external",
"summary": "SUSE Bug 1223922 for CVE-2022-48697",
"url": "https://bugzilla.suse.com/1223922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48697"
},
{
"cve": "CVE-2022-48699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/debug: fix dentry leak in update_sched_domain_debugfs\n\nKuyo reports that the pattern of using debugfs_remove(debugfs_lookup())\nleaks a dentry and with a hotplug stress test, the machine eventually\nruns out of memory.\n\nFix this up by using the newly created debugfs_lookup_and_remove() call\ninstead which properly handles the dentry reference counting logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48699",
"url": "https://www.suse.com/security/cve/CVE-2022-48699"
},
{
"category": "external",
"summary": "SUSE Bug 1223996 for CVE-2022-48699",
"url": "https://bugzilla.suse.com/1223996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48699"
},
{
"cve": "CVE-2022-48700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48700"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48700",
"url": "https://www.suse.com/security/cve/CVE-2022-48700"
},
{
"category": "external",
"summary": "SUSE Bug 1223957 for CVE-2022-48700",
"url": "https://bugzilla.suse.com/1223957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2022-48700"
},
{
"cve": "CVE-2022-48701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface()\n\nThere may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and\nthe number of it\u0027s interfaces less than 4, an out-of-bounds read bug occurs\nwhen parsing the interface descriptor for this device.\n\nFix this by checking the number of interfaces.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48701",
"url": "https://www.suse.com/security/cve/CVE-2022-48701"
},
{
"category": "external",
"summary": "SUSE Bug 1223921 for CVE-2022-48701",
"url": "https://bugzilla.suse.com/1223921"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2022-48701"
},
{
"cve": "CVE-2022-48702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()\n\nThe voice allocator sometimes begins allocating from near the end of the\narray and then wraps around, however snd_emu10k1_pcm_channel_alloc()\naccesses the newly allocated voices as if it never wrapped around.\n\nThis results in out of bounds access if the first voice has a high enough\nindex so that first_voice + requested_voice_count \u003e NUM_G (64).\nThe more voices are requested, the more likely it is for this to occur.\n\nThis was initially discovered using PipeWire, however it can be reproduced\nby calling aplay multiple times with 16 channels:\naplay -r 48000 -D plughw:CARD=Live,DEV=3 -c 16 /dev/zero\n\nUBSAN: array-index-out-of-bounds in sound/pci/emu10k1/emupcm.c:127:40\nindex 65 is out of range for type \u0027snd_emu10k1_voice [64]\u0027\nCPU: 1 PID: 31977 Comm: aplay Tainted: G W IOE 6.0.0-rc2-emu10k1+ #7\nHardware name: ASUSTEK COMPUTER INC P5W DH Deluxe/P5W DH Deluxe, BIOS 3002 07/22/2010\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x49/0x63\ndump_stack+0x10/0x16\nubsan_epilogue+0x9/0x3f\n__ubsan_handle_out_of_bounds.cold+0x44/0x49\nsnd_emu10k1_playback_hw_params+0x3bc/0x420 [snd_emu10k1]\nsnd_pcm_hw_params+0x29f/0x600 [snd_pcm]\nsnd_pcm_common_ioctl+0x188/0x1410 [snd_pcm]\n? exit_to_user_mode_prepare+0x35/0x170\n? do_syscall_64+0x69/0x90\n? syscall_exit_to_user_mode+0x26/0x50\n? do_syscall_64+0x69/0x90\n? exit_to_user_mode_prepare+0x35/0x170\nsnd_pcm_ioctl+0x27/0x40 [snd_pcm]\n__x64_sys_ioctl+0x95/0xd0\ndo_syscall_64+0x5c/0x90\n? do_syscall_64+0x69/0x90\n? do_syscall_64+0x69/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48702",
"url": "https://www.suse.com/security/cve/CVE-2022-48702"
},
{
"category": "external",
"summary": "SUSE Bug 1223923 for CVE-2022-48702",
"url": "https://bugzilla.suse.com/1223923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48702"
},
{
"cve": "CVE-2022-48703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR\n\nIn some case, the GDDV returns a package with a buffer which has\nzero length. It causes that kmemdup() returns ZERO_SIZE_PTR (0x10).\n\nThen the data_vault_read() got NULL point dereference problem when\naccessing the 0x10 value in data_vault.\n\n[ 71.024560] BUG: kernel NULL pointer dereference, address:\n0000000000000010\n\nThis patch uses ZERO_OR_NULL_PTR() for checking ZERO_SIZE_PTR or\nNULL value in data_vault.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48703",
"url": "https://www.suse.com/security/cve/CVE-2022-48703"
},
{
"category": "external",
"summary": "SUSE Bug 1223924 for CVE-2022-48703",
"url": "https://bugzilla.suse.com/1223924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48703"
},
{
"cve": "CVE-2022-48704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: add a force flush to delay work when radeon\n\nAlthough radeon card fence and wait for gpu to finish processing current batch rings,\nthere is still a corner case that radeon lockup work queue may not be fully flushed,\nand meanwhile the radeon_suspend_kms() function has called pci_set_power_state() to\nput device in D3hot state.\nPer PCI spec rev 4.0 on 5.3.1.4.1 D3hot State.\n\u003e Configuration and Message requests are the only TLPs accepted by a Function in\n\u003e the D3hot state. All other received Requests must be handled as Unsupported Requests,\n\u003e and all received Completions may optionally be handled as Unexpected Completions.\nThis issue will happen in following logs:\nUnable to handle kernel paging request at virtual address 00008800e0008010\nCPU 0 kworker/0:3(131): Oops 0\npc = [\u003cffffffff811bea5c\u003e] ra = [\u003cffffffff81240844\u003e] ps = 0000 Tainted: G W\npc is at si_gpu_check_soft_reset+0x3c/0x240\nra is at si_dma_is_lockup+0x34/0xd0\nv0 = 0000000000000000 t0 = fff08800e0008010 t1 = 0000000000010000\nt2 = 0000000000008010 t3 = fff00007e3c00000 t4 = fff00007e3c00258\nt5 = 000000000000ffff t6 = 0000000000000001 t7 = fff00007ef078000\ns0 = fff00007e3c016e8 s1 = fff00007e3c00000 s2 = fff00007e3c00018\ns3 = fff00007e3c00000 s4 = fff00007fff59d80 s5 = 0000000000000000\ns6 = fff00007ef07bd98\na0 = fff00007e3c00000 a1 = fff00007e3c016e8 a2 = 0000000000000008\na3 = 0000000000000001 a4 = 8f5c28f5c28f5c29 a5 = ffffffff810f4338\nt8 = 0000000000000275 t9 = ffffffff809b66f8 t10 = ff6769c5d964b800\nt11= 000000000000b886 pv = ffffffff811bea20 at = 0000000000000000\ngp = ffffffff81d89690 sp = 00000000aa814126\nDisabling lock debugging due to kernel taint\nTrace:\n[\u003cffffffff81240844\u003e] si_dma_is_lockup+0x34/0xd0\n[\u003cffffffff81119610\u003e] radeon_fence_check_lockup+0xd0/0x290\n[\u003cffffffff80977010\u003e] process_one_work+0x280/0x550\n[\u003cffffffff80977350\u003e] worker_thread+0x70/0x7c0\n[\u003cffffffff80977410\u003e] worker_thread+0x130/0x7c0\n[\u003cffffffff80982040\u003e] kthread+0x200/0x210\n[\u003cffffffff809772e0\u003e] worker_thread+0x0/0x7c0\n[\u003cffffffff80981f8c\u003e] kthread+0x14c/0x210\n[\u003cffffffff80911658\u003e] ret_from_kernel_thread+0x18/0x20\n[\u003cffffffff80981e40\u003e] kthread+0x0/0x210\n Code: ad3e0008 43f0074a ad7e0018 ad9e0020 8c3001e8 40230101\n \u003c88210000\u003e 4821ed21\nSo force lockup work queue flush to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48704",
"url": "https://www.suse.com/security/cve/CVE-2022-48704"
},
{
"category": "external",
"summary": "SUSE Bug 1223932 for CVE-2022-48704",
"url": "https://bugzilla.suse.com/1223932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48704"
},
{
"cve": "CVE-2022-48708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: single: fix potential NULL dereference\n\nAdded checking of pointer \"function\" in pcs_set_mux().\npinmux_generic_get_function() can return NULL and the pointer\n\"function\" was dereferenced without checking against NULL.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48708",
"url": "https://www.suse.com/security/cve/CVE-2022-48708"
},
{
"category": "external",
"summary": "SUSE Bug 1224942 for CVE-2022-48708",
"url": "https://bugzilla.suse.com/1224942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48708"
},
{
"cve": "CVE-2022-48709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48709"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: switch: fix potential memleak in ice_add_adv_recipe()\n\nWhen ice_add_special_words() fails, the \u0027rm\u0027 is not released, which will\nlead to a memory leak. Fix this up by going to \u0027err_unroll\u0027 label.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48709",
"url": "https://www.suse.com/security/cve/CVE-2022-48709"
},
{
"category": "external",
"summary": "SUSE Bug 1225095 for CVE-2022-48709",
"url": "https://bugzilla.suse.com/1225095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48709"
},
{
"cve": "CVE-2022-48710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48710"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix a possible null pointer dereference\n\nIn radeon_fp_native_mode(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd.\n\nThe failure status of drm_cvt_mode() on the other path is checked too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48710",
"url": "https://www.suse.com/security/cve/CVE-2022-48710"
},
{
"category": "external",
"summary": "SUSE Bug 1225230 for CVE-2022-48710",
"url": "https://bugzilla.suse.com/1225230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-48710"
},
{
"cve": "CVE-2023-52654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52654"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/af_unix: disable sending io_uring over sockets\n\nFile reference cycles have caused lots of problems for io_uring\nin the past, and it still doesn\u0027t work exactly right and races with\nunix_stream_read_generic(). The safest fix would be to completely\ndisallow sending io_uring files via sockets via SCM_RIGHT, so there\nare no possible cycles invloving registered files and thus rendering\nSCM accounting on the io_uring side unnecessary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52654",
"url": "https://www.suse.com/security/cve/CVE-2023-52654"
},
{
"category": "external",
"summary": "SUSE Bug 1224099 for CVE-2023-52654",
"url": "https://bugzilla.suse.com/1224099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52654"
},
{
"cve": "CVE-2023-52655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52655"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: aqc111: check packet for fixup for true limit\n\nIf a device sends a packet that is inbetween 0\nand sizeof(u64) the value passed to skb_trim()\nas length will wrap around ending up as some very\nlarge value.\n\nThe driver will then proceed to parse the header\nlocated at that position, which will either oops or\nprocess some random value.\n\nThe fix is to check against sizeof(u64) rather than\n0, which the driver currently does. The issue exists\nsince the introduction of the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52655",
"url": "https://www.suse.com/security/cve/CVE-2023-52655"
},
{
"category": "external",
"summary": "SUSE Bug 1217169 for CVE-2023-52655",
"url": "https://bugzilla.suse.com/1217169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52655"
},
{
"cve": "CVE-2023-52676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Guard stack limits against 32bit overflow\n\nThis patch promotes the arithmetic around checking stack bounds to be\ndone in the 64-bit domain, instead of the current 32bit. The arithmetic\nimplies adding together a 64-bit register with a int offset. The\nregister was checked to be below 1\u003c\u003c29 when it was variable, but not\nwhen it was fixed. The offset either comes from an instruction (in which\ncase it is 16 bit), from another register (in which case the caller\nchecked it to be below 1\u003c\u003c29 [1]), or from the size of an argument to a\nkfunc (in which case it can be a u32 [2]). Between the register being\ninconsistently checked to be below 1\u003c\u003c29, and the offset being up to an\nu32, it appears that we were open to overflowing the `int`s which were\ncurrently used for arithmetic.\n\n[1] https://github.com/torvalds/linux/blob/815fb87b753055df2d9e50f6cd80eb10235fe3e9/kernel/bpf/verifier.c#L7494-L7498\n[2] https://github.com/torvalds/linux/blob/815fb87b753055df2d9e50f6cd80eb10235fe3e9/kernel/bpf/verifier.c#L11904",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52676",
"url": "https://www.suse.com/security/cve/CVE-2023-52676"
},
{
"category": "external",
"summary": "SUSE Bug 1224730 for CVE-2023-52676",
"url": "https://bugzilla.suse.com/1224730"
},
{
"category": "external",
"summary": "SUSE Bug 1226336 for CVE-2023-52676",
"url": "https://bugzilla.suse.com/1226336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2023-52676"
},
{
"cve": "CVE-2023-52686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_event_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52686",
"url": "https://www.suse.com/security/cve/CVE-2023-52686"
},
{
"category": "external",
"summary": "SUSE Bug 1224682 for CVE-2023-52686",
"url": "https://bugzilla.suse.com/1224682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52686"
},
{
"cve": "CVE-2023-52690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52690"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check to scom_debug_init_one()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.\nAdd a null pointer check, and release \u0027ent\u0027 to avoid memory leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52690",
"url": "https://www.suse.com/security/cve/CVE-2023-52690"
},
{
"category": "external",
"summary": "SUSE Bug 1224611 for CVE-2023-52690",
"url": "https://bugzilla.suse.com/1224611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52690"
},
{
"cve": "CVE-2023-52702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix possible memory leak in ovs_meter_cmd_set()\n\nold_meter needs to be free after it is detached regardless of whether\nthe new meter is successfully attached.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52702",
"url": "https://www.suse.com/security/cve/CVE-2023-52702"
},
{
"category": "external",
"summary": "SUSE Bug 1224945 for CVE-2023-52702",
"url": "https://bugzilla.suse.com/1224945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52702"
},
{
"cve": "CVE-2023-52703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/usb: kalmia: Don\u0027t pass act_len in usb_bulk_msg error path\n\nsyzbot reported that act_len in kalmia_send_init_packet() is\nuninitialized when passing it to the first usb_bulk_msg error path. Jiri\nPirko noted that it\u0027s pointless to pass it in the error path, and that\nthe value that would be printed in the second error path would be the\nvalue of act_len from the first call to usb_bulk_msg.[1]\n\nWith this in mind, let\u0027s just not pass act_len to the usb_bulk_msg error\npaths.\n\n1: https://lore.kernel.org/lkml/Y9pY61y1nwTuzMOa@nanopsycho/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52703",
"url": "https://www.suse.com/security/cve/CVE-2023-52703"
},
{
"category": "external",
"summary": "SUSE Bug 1225549 for CVE-2023-52703",
"url": "https://bugzilla.suse.com/1225549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2023-52703"
},
{
"cve": "CVE-2023-52707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52707"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/psi: Fix use-after-free in ep_remove_wait_queue()\n\nIf a non-root cgroup gets removed when there is a thread that registered\ntrigger and is polling on a pressure file within the cgroup, the polling\nwaitqueue gets freed in the following path:\n\n do_rmdir\n cgroup_rmdir\n kernfs_drain_open_files\n cgroup_file_release\n cgroup_pressure_release\n psi_trigger_destroy\n\nHowever, the polling thread still has a reference to the pressure file and\nwill access the freed waitqueue when the file is closed or upon exit:\n\n fput\n ep_eventpoll_release\n ep_free\n ep_remove_wait_queue\n remove_wait_queue\n\nThis results in use-after-free as pasted below.\n\nThe fundamental problem here is that cgroup_file_release() (and\nconsequently waitqueue\u0027s lifetime) is not tied to the file\u0027s real lifetime.\nUsing wake_up_pollfree() here might be less than ideal, but it is in line\nwith the comment at commit 42288cb44c4b (\"wait: add wake_up_pollfree()\")\nsince the waitqueue\u0027s lifetime is not tied to file\u0027s one and can be\nconsidered as another special case. While this would be fixable by somehow\nmaking cgroup_file_release() be tied to the fput(), it would require\nsizable refactoring at cgroups or higher layer which might be more\njustifiable if we identify more cases like this.\n\n BUG: KASAN: use-after-free in _raw_spin_lock_irqsave+0x60/0xc0\n Write of size 4 at addr ffff88810e625328 by task a.out/4404\n\n\tCPU: 19 PID: 4404 Comm: a.out Not tainted 6.2.0-rc6 #38\n\tHardware name: Amazon EC2 c5a.8xlarge/, BIOS 1.0 10/16/2017\n\tCall Trace:\n\t\u003cTASK\u003e\n\tdump_stack_lvl+0x73/0xa0\n\tprint_report+0x16c/0x4e0\n\tkasan_report+0xc3/0xf0\n\tkasan_check_range+0x2d2/0x310\n\t_raw_spin_lock_irqsave+0x60/0xc0\n\tremove_wait_queue+0x1a/0xa0\n\tep_free+0x12c/0x170\n\tep_eventpoll_release+0x26/0x30\n\t__fput+0x202/0x400\n\ttask_work_run+0x11d/0x170\n\tdo_exit+0x495/0x1130\n\tdo_group_exit+0x100/0x100\n\tget_signal+0xd67/0xde0\n\tarch_do_signal_or_restart+0x2a/0x2b0\n\texit_to_user_mode_prepare+0x94/0x100\n\tsyscall_exit_to_user_mode+0x20/0x40\n\tdo_syscall_64+0x52/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\t\u003c/TASK\u003e\n\n Allocated by task 4404:\n\n\tkasan_set_track+0x3d/0x60\n\t__kasan_kmalloc+0x85/0x90\n\tpsi_trigger_create+0x113/0x3e0\n\tpressure_write+0x146/0x2e0\n\tcgroup_file_write+0x11c/0x250\n\tkernfs_fop_write_iter+0x186/0x220\n\tvfs_write+0x3d8/0x5c0\n\tksys_write+0x90/0x110\n\tdo_syscall_64+0x43/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\n Freed by task 4407:\n\n\tkasan_set_track+0x3d/0x60\n\tkasan_save_free_info+0x27/0x40\n\t____kasan_slab_free+0x11d/0x170\n\tslab_free_freelist_hook+0x87/0x150\n\t__kmem_cache_free+0xcb/0x180\n\tpsi_trigger_destroy+0x2e8/0x310\n\tcgroup_file_release+0x4f/0xb0\n\tkernfs_drain_open_files+0x165/0x1f0\n\tkernfs_drain+0x162/0x1a0\n\t__kernfs_remove+0x1fb/0x310\n\tkernfs_remove_by_name_ns+0x95/0xe0\n\tcgroup_addrm_files+0x67f/0x700\n\tcgroup_destroy_locked+0x283/0x3c0\n\tcgroup_rmdir+0x29/0x100\n\tkernfs_iop_rmdir+0xd1/0x140\n\tvfs_rmdir+0xfe/0x240\n\tdo_rmdir+0x13d/0x280\n\t__x64_sys_rmdir+0x2c/0x30\n\tdo_syscall_64+0x43/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52707",
"url": "https://www.suse.com/security/cve/CVE-2023-52707"
},
{
"category": "external",
"summary": "SUSE Bug 1225109 for CVE-2023-52707",
"url": "https://bugzilla.suse.com/1225109"
},
{
"category": "external",
"summary": "SUSE Bug 1225190 for CVE-2023-52707",
"url": "https://bugzilla.suse.com/1225190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52707"
},
{
"cve": "CVE-2023-52708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: mmc_spi: fix error handling in mmc_spi_probe()\n\nIf mmc_add_host() fails, it doesn\u0027t need to call mmc_remove_host(),\nor it will cause null-ptr-deref, because of deleting a not added\ndevice in mmc_remove_host().\n\nTo fix this, goto label \u0027fail_glue_init\u0027, if mmc_add_host() fails,\nand change the label \u0027fail_add_host\u0027 to \u0027fail_gpiod_request\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52708",
"url": "https://www.suse.com/security/cve/CVE-2023-52708"
},
{
"category": "external",
"summary": "SUSE Bug 1225483 for CVE-2023-52708",
"url": "https://bugzilla.suse.com/1225483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52708"
},
{
"cve": "CVE-2023-52730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52730"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdio: fix possible resource leaks in some error paths\n\nIf sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can\nnot release the resources, because the sdio function is not presented\nin these two cases, it won\u0027t call of_node_put() or put_device().\n\nTo fix these leaks, make sdio_func_present() only control whether\ndevice_del() needs to be called or not, then always call of_node_put()\nand put_device().\n\nIn error case in sdio_init_func(), the reference of \u0027card-\u003edev\u0027 is\nnot get, to avoid redundant put in sdio_free_func_cis(), move the\nget_device() to sdio_alloc_func() and put_device() to sdio_release_func(),\nit can keep the get/put function be balanced.\n\nWithout this patch, while doing fault inject test, it can get the\nfollowing leak reports, after this fix, the leak is gone.\n\nunreferenced object 0xffff888112514000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741614 (age 124.774s)\n hex dump (first 32 bytes):\n 00 e0 6f 12 81 88 ff ff 60 58 8d 06 81 88 ff ff ..o.....`X......\n 10 40 51 12 81 88 ff ff 10 40 51 12 81 88 ff ff .@Q......@Q.....\n backtrace:\n [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n [\u003c000000002f839ccb\u003e] mmc_alloc_card+0x38/0xb0 [mmc_core]\n [\u003c0000000004adcbf6\u003e] mmc_sdio_init_card+0xde/0x170 [mmc_core]\n [\u003c000000007538fea0\u003e] mmc_attach_sdio+0xcb/0x1b0 [mmc_core]\n [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]\n\nunreferenced object 0xffff888112511000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741623 (age 124.766s)\n hex dump (first 32 bytes):\n 00 40 51 12 81 88 ff ff e0 58 8d 06 81 88 ff ff .@Q......X......\n 10 10 51 12 81 88 ff ff 10 10 51 12 81 88 ff ff ..Q.......Q.....\n backtrace:\n [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n [\u003c00000000fcbe706c\u003e] sdio_alloc_func+0x35/0x100 [mmc_core]\n [\u003c00000000c68f4b50\u003e] mmc_attach_sdio.cold.18+0xb1/0x395 [mmc_core]\n [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52730",
"url": "https://www.suse.com/security/cve/CVE-2023-52730"
},
{
"category": "external",
"summary": "SUSE Bug 1224956 for CVE-2023-52730",
"url": "https://bugzilla.suse.com/1224956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52730"
},
{
"cve": "CVE-2023-52733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52733"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52733",
"url": "https://www.suse.com/security/cve/CVE-2023-52733"
},
{
"category": "external",
"summary": "SUSE Bug 1225488 for CVE-2023-52733",
"url": "https://bugzilla.suse.com/1225488"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52733"
},
{
"cve": "CVE-2023-52736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Do not unset preset when cleaning up codec\n\nSeveral functions that take part in codec\u0027s initialization and removal\nare re-used by ASoC codec drivers implementations. Drivers mimic the\nbehavior of hda_codec_driver_probe/remove() found in\nsound/pci/hda/hda_bind.c with their component-\u003eprobe/remove() instead.\n\nOne of the reasons for that is the expectation of\nsnd_hda_codec_device_new() to receive a valid pointer to an instance of\nstruct snd_card. This expectation can be met only once sound card\ncomponents probing commences.\n\nAs ASoC sound card may be unbound without codec device being actually\nremoved from the system, unsetting -\u003epreset in\nsnd_hda_codec_cleanup_for_unbind() interferes with module unload -\u003e load\nscenario causing null-ptr-deref. Preset is assigned only once, during\ndevice/driver matching whereas ASoC codec driver\u0027s module reloading may\noccur several times throughout the lifetime of an audio stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52736",
"url": "https://www.suse.com/security/cve/CVE-2023-52736"
},
{
"category": "external",
"summary": "SUSE Bug 1225486 for CVE-2023-52736",
"url": "https://bugzilla.suse.com/1225486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52736"
},
{
"cve": "CVE-2023-52738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini\n\nCurrently amdgpu calls drm_sched_fini() from the fence driver sw fini\nroutine - such function is expected to be called only after the\nrespective init function - drm_sched_init() - was executed successfully.\n\nHappens that we faced a driver probe failure in the Steam Deck\nrecently, and the function drm_sched_fini() was called even without\nits counter-part had been previously called, causing the following oops:\n\namdgpu: probe of 0000:04:00.0 failed with error -110\nBUG: kernel NULL pointer dereference, address: 0000000000000090\nPGD 0 P4D 0\nOops: 0002 [#1] PREEMPT SMP NOPTI\nCPU: 0 PID: 609 Comm: systemd-udevd Not tainted 6.2.0-rc3-gpiccoli #338\nHardware name: Valve Jupiter/Jupiter, BIOS F7A0113 11/04/2022\nRIP: 0010:drm_sched_fini+0x84/0xa0 [gpu_sched]\n[...]\nCall Trace:\n \u003cTASK\u003e\n amdgpu_fence_driver_sw_fini+0xc8/0xd0 [amdgpu]\n amdgpu_device_fini_sw+0x2b/0x3b0 [amdgpu]\n amdgpu_driver_release_kms+0x16/0x30 [amdgpu]\n devm_drm_dev_init_release+0x49/0x70\n [...]\n\nTo prevent that, check if the drm_sched was properly initialized for a\ngiven ring before calling its fini counter-part.\n\nNotice ideally we\u0027d use sched.ready for that; such field is set as the latest\nthing on drm_sched_init(). But amdgpu seems to \"override\" the meaning of such\nfield - in the above oops for example, it was a GFX ring causing the crash, and\nthe sched.ready field was set to true in the ring init routine, regardless of\nthe state of the DRM scheduler. Hence, we ended-up using sched.ops as per\nChristian\u0027s suggestion [0], and also removed the no_scheduler check [1].\n\n[0] https://lore.kernel.org/amd-gfx/984ee981-2906-0eaf-ccec-9f80975cb136@amd.com/\n[1] https://lore.kernel.org/amd-gfx/cd0e2994-f85f-d837-609f-7056d5fb7231@amd.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52738",
"url": "https://www.suse.com/security/cve/CVE-2023-52738"
},
{
"category": "external",
"summary": "SUSE Bug 1225005 for CVE-2023-52738",
"url": "https://bugzilla.suse.com/1225005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52738"
},
{
"cve": "CVE-2023-52739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nFix page corruption caused by racy check in __free_pages\n\nWhen we upgraded our kernel, we started seeing some page corruption like\nthe following consistently:\n\n BUG: Bad page state in process ganesha.nfsd pfn:1304ca\n page:0000000022261c55 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x1304ca\n flags: 0x17ffffc0000000()\n raw: 0017ffffc0000000 ffff8a513ffd4c98 ffffeee24b35ec08 0000000000000000\n raw: 0000000000000000 0000000000000001 00000000ffffff7f 0000000000000000\n page dumped because: nonzero mapcount\n CPU: 0 PID: 15567 Comm: ganesha.nfsd Kdump: loaded Tainted: P B O 5.10.158-1.nutanix.20221209.el7.x86_64 #1\n Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 04/05/2016\n Call Trace:\n dump_stack+0x74/0x96\n bad_page.cold+0x63/0x94\n check_new_page_bad+0x6d/0x80\n rmqueue+0x46e/0x970\n get_page_from_freelist+0xcb/0x3f0\n ? _cond_resched+0x19/0x40\n __alloc_pages_nodemask+0x164/0x300\n alloc_pages_current+0x87/0xf0\n skb_page_frag_refill+0x84/0x110\n ...\n\nSometimes, it would also show up as corruption in the free list pointer\nand cause crashes.\n\nAfter bisecting the issue, we found the issue started from commit\ne320d3012d25 (\"mm/page_alloc.c: fix freeing non-compound pages\"):\n\n\tif (put_page_testzero(page))\n\t\tfree_the_page(page, order);\n\telse if (!PageHead(page))\n\t\twhile (order-- \u003e 0)\n\t\t\tfree_the_page(page + (1 \u003c\u003c order), order);\n\nSo the problem is the check PageHead is racy because at this point we\nalready dropped our reference to the page. So even if we came in with\ncompound page, the page can already be freed and PageHead can return\nfalse and we will end up freeing all the tail pages causing double free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52739",
"url": "https://www.suse.com/security/cve/CVE-2023-52739"
},
{
"category": "external",
"summary": "SUSE Bug 1225118 for CVE-2023-52739",
"url": "https://bugzilla.suse.com/1225118"
},
{
"category": "external",
"summary": "SUSE Bug 1225119 for CVE-2023-52739",
"url": "https://bugzilla.suse.com/1225119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2023-52739"
},
{
"cve": "CVE-2023-52740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch\n\nThe RFI and STF security mitigation options can flip the\ninterrupt_exit_not_reentrant static branch condition concurrently with\nthe interrupt exit code which tests that branch.\n\nInterrupt exit tests this condition to set MSR[EE|RI] for exit, then\nagain in the case a soft-masked interrupt is found pending, to recover\nthe MSR so the interrupt can be replayed before attempting to exit\nagain. If the condition changes between these two tests, the MSR and irq\nsoft-mask state will become corrupted, leading to warnings and possible\ncrashes. For example, if the branch is initially true then false,\nMSR[EE] will be 0 but PACA_IRQ_HARD_DIS clear and EE may not get\nenabled, leading to warnings in irq_64.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52740",
"url": "https://www.suse.com/security/cve/CVE-2023-52740"
},
{
"category": "external",
"summary": "SUSE Bug 1225471 for CVE-2023-52740",
"url": "https://bugzilla.suse.com/1225471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52740"
},
{
"cve": "CVE-2023-52741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix use-after-free in rdata-\u003eread_into_pages()\n\nWhen the network status is unstable, use-after-free may occur when\nread data from the server.\n\n BUG: KASAN: use-after-free in readpages_fill_pages+0x14c/0x7e0\n\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x38/0x4c\n print_report+0x16f/0x4a6\n kasan_report+0xb7/0x130\n readpages_fill_pages+0x14c/0x7e0\n cifs_readv_receive+0x46d/0xa40\n cifs_demultiplex_thread+0x121c/0x1490\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n \u003c/TASK\u003e\n\n Allocated by task 2535:\n kasan_save_stack+0x22/0x50\n kasan_set_track+0x25/0x30\n __kasan_kmalloc+0x82/0x90\n cifs_readdata_direct_alloc+0x2c/0x110\n cifs_readdata_alloc+0x2d/0x60\n cifs_readahead+0x393/0xfe0\n read_pages+0x12f/0x470\n page_cache_ra_unbounded+0x1b1/0x240\n filemap_get_pages+0x1c8/0x9a0\n filemap_read+0x1c0/0x540\n cifs_strict_readv+0x21b/0x240\n vfs_read+0x395/0x4b0\n ksys_read+0xb8/0x150\n do_syscall_64+0x3f/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\n Freed by task 79:\n kasan_save_stack+0x22/0x50\n kasan_set_track+0x25/0x30\n kasan_save_free_info+0x2e/0x50\n __kasan_slab_free+0x10e/0x1a0\n __kmem_cache_free+0x7a/0x1a0\n cifs_readdata_release+0x49/0x60\n process_one_work+0x46c/0x760\n worker_thread+0x2a4/0x6f0\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n\n Last potentially related work creation:\n kasan_save_stack+0x22/0x50\n __kasan_record_aux_stack+0x95/0xb0\n insert_work+0x2b/0x130\n __queue_work+0x1fe/0x660\n queue_work_on+0x4b/0x60\n smb2_readv_callback+0x396/0x800\n cifs_abort_connection+0x474/0x6a0\n cifs_reconnect+0x5cb/0xa50\n cifs_readv_from_socket.cold+0x22/0x6c\n cifs_read_page_from_socket+0xc1/0x100\n readpages_fill_pages.cold+0x2f/0x46\n cifs_readv_receive+0x46d/0xa40\n cifs_demultiplex_thread+0x121c/0x1490\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n\nThe following function calls will cause UAF of the rdata pointer.\n\nreadpages_fill_pages\n cifs_read_page_from_socket\n cifs_readv_from_socket\n cifs_reconnect\n __cifs_reconnect\n cifs_abort_connection\n mid-\u003ecallback() --\u003e smb2_readv_callback\n queue_work(\u0026rdata-\u003ework) # if the worker completes first,\n # the rdata is freed\n cifs_readv_complete\n kref_put\n cifs_readdata_release\n kfree(rdata)\n return rdata-\u003e... # UAF in readpages_fill_pages()\n\nSimilarly, this problem also occurs in the uncache_fill_pages().\n\nFix this by adjusts the order of condition judgment in the return\nstatement.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52741",
"url": "https://www.suse.com/security/cve/CVE-2023-52741"
},
{
"category": "external",
"summary": "SUSE Bug 1225479 for CVE-2023-52741",
"url": "https://bugzilla.suse.com/1225479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52741"
},
{
"cve": "CVE-2023-52742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: USB: Fix wrong-direction WARNING in plusb.c\n\nThe syzbot fuzzer detected a bug in the plusb network driver: A\nzero-length control-OUT transfer was treated as a read instead of a\nwrite. In modern kernels this error provokes a WARNING:\n\nusb 1-1: BOGUS control dir, pipe 80000280 doesn\u0027t match bRequestType c0\nWARNING: CPU: 0 PID: 4645 at drivers/usb/core/urb.c:411\nusb_submit_urb+0x14a7/0x1880 drivers/usb/core/urb.c:411\nModules linked in:\nCPU: 1 PID: 4645 Comm: dhcpcd Not tainted\n6.2.0-rc6-syzkaller-00050-g9f266ccaa2f5 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google\n01/12/2023\nRIP: 0010:usb_submit_urb+0x14a7/0x1880 drivers/usb/core/urb.c:411\n...\nCall Trace:\n \u003cTASK\u003e\n usb_start_wait_urb+0x101/0x4b0 drivers/usb/core/message.c:58\n usb_internal_control_msg drivers/usb/core/message.c:102 [inline]\n usb_control_msg+0x320/0x4a0 drivers/usb/core/message.c:153\n __usbnet_read_cmd+0xb9/0x390 drivers/net/usb/usbnet.c:2010\n usbnet_read_cmd+0x96/0xf0 drivers/net/usb/usbnet.c:2068\n pl_vendor_req drivers/net/usb/plusb.c:60 [inline]\n pl_set_QuickLink_features drivers/net/usb/plusb.c:75 [inline]\n pl_reset+0x2f/0xf0 drivers/net/usb/plusb.c:85\n usbnet_open+0xcc/0x5d0 drivers/net/usb/usbnet.c:889\n __dev_open+0x297/0x4d0 net/core/dev.c:1417\n __dev_change_flags+0x587/0x750 net/core/dev.c:8530\n dev_change_flags+0x97/0x170 net/core/dev.c:8602\n devinet_ioctl+0x15a2/0x1d70 net/ipv4/devinet.c:1147\n inet_ioctl+0x33f/0x380 net/ipv4/af_inet.c:979\n sock_do_ioctl+0xcc/0x230 net/socket.c:1169\n sock_ioctl+0x1f8/0x680 net/socket.c:1286\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x197/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe fix is to call usbnet_write_cmd() instead of usbnet_read_cmd() and\nremove the USB_DIR_IN flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52742",
"url": "https://www.suse.com/security/cve/CVE-2023-52742"
},
{
"category": "external",
"summary": "SUSE Bug 1225482 for CVE-2023-52742",
"url": "https://bugzilla.suse.com/1225482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52742"
},
{
"cve": "CVE-2023-52743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Do not use WQ_MEM_RECLAIM flag for workqueue\n\nWhen both ice and the irdma driver are loaded, a warning in\ncheck_flush_dependency is being triggered. This is due to ice driver\nworkqueue being allocated with the WQ_MEM_RECLAIM flag and the irdma one\nis not.\n\nAccording to kernel documentation, this flag should be set if the\nworkqueue will be involved in the kernel\u0027s memory reclamation flow.\nSince it is not, there is no need for the ice driver\u0027s WQ to have this\nflag set so remove it.\n\nExample trace:\n\n[ +0.000004] workqueue: WQ_MEM_RECLAIM ice:ice_service_task [ice] is flushing !WQ_MEM_RECLAIM infiniband:0x0\n[ +0.000139] WARNING: CPU: 0 PID: 728 at kernel/workqueue.c:2632 check_flush_dependency+0x178/0x1a0\n[ +0.000011] Modules linked in: bonding tls xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT nf_reject_ipv4 nft_compat nft_cha\nin_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables nfnetlink bridge stp llc rfkill vfat fat intel_rapl_msr intel\n_rapl_common isst_if_common skx_edac nfit libnvdimm x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct1\n0dif_pclmul crc32_pclmul ghash_clmulni_intel rapl intel_cstate rpcrdma sunrpc rdma_ucm ib_srpt ib_isert iscsi_target_mod target_\ncore_mod ib_iser libiscsi scsi_transport_iscsi rdma_cm ib_cm iw_cm iTCO_wdt iTCO_vendor_support ipmi_ssif irdma mei_me ib_uverbs\nib_core intel_uncore joydev pcspkr i2c_i801 acpi_ipmi mei lpc_ich i2c_smbus intel_pch_thermal ioatdma ipmi_si acpi_power_meter\nacpi_pad xfs libcrc32c sd_mod t10_pi crc64_rocksoft crc64 sg ahci ixgbe libahci ice i40e igb crc32c_intel mdio i2c_algo_bit liba\nta dca wmi dm_mirror dm_region_hash dm_log dm_mod ipmi_devintf ipmi_msghandler fuse\n[ +0.000161] [last unloaded: bonding]\n[ +0.000006] CPU: 0 PID: 728 Comm: kworker/0:2 Tainted: G S 6.2.0-rc2_next-queue-13jan-00458-gc20aabd57164 #1\n[ +0.000006] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0010.010620200716 01/06/2020\n[ +0.000003] Workqueue: ice ice_service_task [ice]\n[ +0.000127] RIP: 0010:check_flush_dependency+0x178/0x1a0\n[ +0.000005] Code: 89 8e 02 01 e8 49 3d 40 00 49 8b 55 18 48 8d 8d d0 00 00 00 48 8d b3 d0 00 00 00 4d 89 e0 48 c7 c7 e0 3b 08\n9f e8 bb d3 07 01 \u003c0f\u003e 0b e9 be fe ff ff 80 3d 24 89 8e 02 00 0f 85 6b ff ff ff e9 06\n[ +0.000004] RSP: 0018:ffff88810a39f990 EFLAGS: 00010282\n[ +0.000005] RAX: 0000000000000000 RBX: ffff888141bc2400 RCX: 0000000000000000\n[ +0.000004] RDX: 0000000000000001 RSI: dffffc0000000000 RDI: ffffffffa1213a80\n[ +0.000003] RBP: ffff888194bf3400 R08: ffffed117b306112 R09: ffffed117b306112\n[ +0.000003] R10: ffff888bd983088b R11: ffffed117b306111 R12: 0000000000000000\n[ +0.000003] R13: ffff888111f84d00 R14: ffff88810a3943ac R15: ffff888194bf3400\n[ +0.000004] FS: 0000000000000000(0000) GS:ffff888bd9800000(0000) knlGS:0000000000000000\n[ +0.000003] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ +0.000003] CR2: 000056035b208b60 CR3: 000000017795e005 CR4: 00000000007706f0\n[ +0.000003] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ +0.000003] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ +0.000002] PKRU: 55555554\n[ +0.000003] Call Trace:\n[ +0.000002] \u003cTASK\u003e\n[ +0.000003] __flush_workqueue+0x203/0x840\n[ +0.000006] ? mutex_unlock+0x84/0xd0\n[ +0.000008] ? __pfx_mutex_unlock+0x10/0x10\n[ +0.000004] ? __pfx___flush_workqueue+0x10/0x10\n[ +0.000006] ? mutex_lock+0xa3/0xf0\n[ +0.000005] ib_cache_cleanup_one+0x39/0x190 [ib_core]\n[ +0.000174] __ib_unregister_device+0x84/0xf0 [ib_core]\n[ +0.000094] ib_unregister_device+0x25/0x30 [ib_core]\n[ +0.000093] irdma_ib_unregister_device+0x97/0xc0 [irdma]\n[ +0.000064] ? __pfx_irdma_ib_unregister_device+0x10/0x10 [irdma]\n[ +0.000059] ? up_write+0x5c/0x90\n[ +0.000005] irdma_remove+0x36/0x90 [irdma]\n[ +0.000062] auxiliary_bus_remove+0x32/0x50\n[ +0.000007] device_r\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52743",
"url": "https://www.suse.com/security/cve/CVE-2023-52743"
},
{
"category": "external",
"summary": "SUSE Bug 1225003 for CVE-2023-52743",
"url": "https://bugzilla.suse.com/1225003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52743"
},
{
"cve": "CVE-2023-52744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix potential NULL-ptr-dereference\n\nin_dev_get() can return NULL which will cause a failure once idev is\ndereferenced in in_dev_for_each_ifa_rtnl(). This patch adds a\ncheck for NULL value in idev beforehand.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52744",
"url": "https://www.suse.com/security/cve/CVE-2023-52744"
},
{
"category": "external",
"summary": "SUSE Bug 1225121 for CVE-2023-52744",
"url": "https://bugzilla.suse.com/1225121"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52744"
},
{
"cve": "CVE-2023-52745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52745"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/IPoIB: Fix legacy IPoIB due to wrong number of queues\n\nThe cited commit creates child PKEY interfaces over netlink will\nmultiple tx and rx queues, but some devices doesn\u0027t support more than 1\ntx and 1 rx queues. This causes to a crash when traffic is sent over the\nPKEY interface due to the parent having a single queue but the child\nhaving multiple queues.\n\nThis patch fixes the number of queues to 1 for legacy IPoIB at the\nearliest possible point in time.\n\nBUG: kernel NULL pointer dereference, address: 000000000000036b\nPGD 0 P4D 0\nOops: 0000 [#1] SMP\nCPU: 4 PID: 209665 Comm: python3 Not tainted 6.1.0_for_upstream_min_debug_2022_12_12_17_02 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:kmem_cache_alloc+0xcb/0x450\nCode: ce 7e 49 8b 50 08 49 83 78 10 00 4d 8b 28 0f 84 cb 02 00 00 4d 85 ed 0f 84 c2 02 00 00 41 8b 44 24 28 48 8d 4a\n01 49 8b 3c 24 \u003c49\u003e 8b 5c 05 00 4c 89 e8 65 48 0f c7 0f 0f 94 c0 84 c0 74 b8 41 8b\nRSP: 0018:ffff88822acbbab8 EFLAGS: 00010202\nRAX: 0000000000000070 RBX: ffff8881c28e3e00 RCX: 00000000064f8dae\nRDX: 00000000064f8dad RSI: 0000000000000a20 RDI: 0000000000030d00\nRBP: 0000000000000a20 R08: ffff8882f5d30d00 R09: ffff888104032f40\nR10: ffff88810fade828 R11: 736f6d6570736575 R12: ffff88810081c000\nR13: 00000000000002fb R14: ffffffff817fc865 R15: 0000000000000000\nFS: 00007f9324ff9700(0000) GS:ffff8882f5d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000000000036b CR3: 00000001125af004 CR4: 0000000000370ea0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n skb_clone+0x55/0xd0\n ip6_finish_output2+0x3fe/0x690\n ip6_finish_output+0xfa/0x310\n ip6_send_skb+0x1e/0x60\n udp_v6_send_skb+0x1e5/0x420\n udpv6_sendmsg+0xb3c/0xe60\n ? ip_mc_finish_output+0x180/0x180\n ? __switch_to_asm+0x3a/0x60\n ? __switch_to_asm+0x34/0x60\n sock_sendmsg+0x33/0x40\n __sys_sendto+0x103/0x160\n ? _copy_to_user+0x21/0x30\n ? kvm_clock_get_cycles+0xd/0x10\n ? ktime_get_ts64+0x49/0xe0\n __x64_sys_sendto+0x25/0x30\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\nRIP: 0033:0x7f9374f1ed14\nCode: 42 41 f8 ff 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b\n7c 24 08 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 68 41 f8 ff 48 8b\nRSP: 002b:00007f9324ff7bd0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 00007f9324ff7cc8 RCX: 00007f9374f1ed14\nRDX: 00000000000002fb RSI: 00007f93000052f0 RDI: 0000000000000030\nRBP: 0000000000000000 R08: 00007f9324ff7d40 R09: 000000000000001c\nR10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000\nR13: 000000012a05f200 R14: 0000000000000001 R15: 00007f9374d57bdc\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52745",
"url": "https://www.suse.com/security/cve/CVE-2023-52745"
},
{
"category": "external",
"summary": "SUSE Bug 1225032 for CVE-2023-52745",
"url": "https://bugzilla.suse.com/1225032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52745"
},
{
"cve": "CVE-2023-52747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Restore allocated resources on failed copyout\n\nFix a resource leak if an error occurs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52747",
"url": "https://www.suse.com/security/cve/CVE-2023-52747"
},
{
"category": "external",
"summary": "SUSE Bug 1224931 for CVE-2023-52747",
"url": "https://bugzilla.suse.com/1224931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52747"
},
{
"cve": "CVE-2023-52753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid NULL dereference of timing generator\n\n[Why \u0026 How]\nCheck whether assigned timing generator is NULL or not before\naccessing its funcs to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52753",
"url": "https://www.suse.com/security/cve/CVE-2023-52753"
},
{
"category": "external",
"summary": "SUSE Bug 1225478 for CVE-2023-52753",
"url": "https://bugzilla.suse.com/1225478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52753"
},
{
"cve": "CVE-2023-52754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imon: fix access to invalid resource for the second interface\n\nimon driver probes two USB interfaces, and at the probe of the second\ninterface, the driver assumes blindly that the first interface got\nbound with the same imon driver. It\u0027s usually true, but it\u0027s still\npossible that the first interface is bound with another driver via a\nmalformed descriptor. Then it may lead to a memory corruption, as\nspotted by syzkaller; imon driver accesses the data from drvdata as\nstruct imon_context object although it\u0027s a completely different one\nthat was assigned by another driver.\n\nThis patch adds a sanity check -- whether the first interface is\nreally bound with the imon driver or not -- for avoiding the problem\nabove at the probe time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52754",
"url": "https://www.suse.com/security/cve/CVE-2023-52754"
},
{
"category": "external",
"summary": "SUSE Bug 1225490 for CVE-2023-52754",
"url": "https://bugzilla.suse.com/1225490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52754"
},
{
"cve": "CVE-2023-52756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52756"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52756",
"url": "https://www.suse.com/security/cve/CVE-2023-52756"
},
{
"category": "external",
"summary": "SUSE Bug 1225461 for CVE-2023-52756",
"url": "https://bugzilla.suse.com/1225461"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52756"
},
{
"cve": "CVE-2023-52759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52759"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52759",
"url": "https://www.suse.com/security/cve/CVE-2023-52759"
},
{
"category": "external",
"summary": "SUSE Bug 1225560 for CVE-2023-52759",
"url": "https://bugzilla.suse.com/1225560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52759"
},
{
"cve": "CVE-2023-52763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data.\n\nThe `i3c_master_bus_init` function may attach the I2C devices before the\nI3C bus initialization. In this flow, the DAT `alloc_entry`` will be used\nbefore the DAT `init`. Additionally, if the `i3c_master_bus_init` fails,\nthe DAT `cleanup` will execute before the device is detached, which will\nexecue DAT `free_entry` function. The above scenario can cause the driver\nto use DAT_data when it is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52763",
"url": "https://www.suse.com/security/cve/CVE-2023-52763"
},
{
"category": "external",
"summary": "SUSE Bug 1225570 for CVE-2023-52763",
"url": "https://bugzilla.suse.com/1225570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52763"
},
{
"cve": "CVE-2023-52764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: gspca: cpia1: shift-out-of-bounds in set_flicker\n\nSyzkaller reported the following issue:\nUBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27\nshift exponent 245 is too large for 32-bit type \u0027int\u0027\n\nWhen the value of the variable \"sd-\u003eparams.exposure.gain\" exceeds the\nnumber of bits in an integer, a shift-out-of-bounds error is reported. It\nis triggered because the variable \"currentexp\" cannot be left-shifted by\nmore than the number of bits in an integer. In order to avoid invalid\nrange during left-shift, the conditional expression is added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52764",
"url": "https://www.suse.com/security/cve/CVE-2023-52764"
},
{
"category": "external",
"summary": "SUSE Bug 1225571 for CVE-2023-52764",
"url": "https://bugzilla.suse.com/1225571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52764"
},
{
"cve": "CVE-2023-52766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler\n\nDo not loop over ring headers in hci_dma_irq_handler() that are not\nallocated and enabled in hci_dma_init(). Otherwise out of bounds access\nwill occur from rings-\u003eheaders[i] access when i \u003e= number of allocated\nring headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52766",
"url": "https://www.suse.com/security/cve/CVE-2023-52766"
},
{
"category": "external",
"summary": "SUSE Bug 1230620 for CVE-2023-52766",
"url": "https://bugzilla.suse.com/1230620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52766"
},
{
"cve": "CVE-2023-52774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52774"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: protect device queue against concurrent access\n\nIn dasd_profile_start() the amount of requests on the device queue are\ncounted. The access to the device queue is unprotected against\nconcurrent access. With a lot of parallel I/O, especially with alias\ndevices enabled, the device queue can change while dasd_profile_start()\nis accessing the queue. In the worst case this leads to a kernel panic\ndue to incorrect pointer accesses.\n\nFix this by taking the device lock before accessing the queue and\ncounting the requests. Additionally the check for a valid profile data\npointer can be done earlier to avoid unnecessary locking in a hot path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52774",
"url": "https://www.suse.com/security/cve/CVE-2023-52774"
},
{
"category": "external",
"summary": "SUSE Bug 1225572 for CVE-2023-52774",
"url": "https://bugzilla.suse.com/1225572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52774"
},
{
"cve": "CVE-2023-52781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: config: fix iteration issue in \u0027usb_get_bos_descriptor()\u0027\n\nThe BOS descriptor defines a root descriptor and is the base descriptor for\naccessing a family of related descriptors.\n\nFunction \u0027usb_get_bos_descriptor()\u0027 encounters an iteration issue when\nskipping the \u0027USB_DT_DEVICE_CAPABILITY\u0027 descriptor type. This results in\nthe same descriptor being read repeatedly.\n\nTo address this issue, a \u0027goto\u0027 statement is introduced to ensure that the\npointer and the amount read is updated correctly. This ensures that the\nfunction iterates to the next descriptor instead of reading the same\ndescriptor repeatedly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52781",
"url": "https://www.suse.com/security/cve/CVE-2023-52781"
},
{
"category": "external",
"summary": "SUSE Bug 1225092 for CVE-2023-52781",
"url": "https://bugzilla.suse.com/1225092"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52781"
},
{
"cve": "CVE-2023-52788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni915/perf: Fix NULL deref bugs with drm_dbg() calls\n\nWhen i915 perf interface is not available dereferencing it will lead to\nNULL dereferences.\n\nAs returning -ENOTSUPP is pretty clear return when perf interface is not\navailable.\n\n[tursulin: added stable tag]\n(cherry picked from commit 36f27350ff745bd228ab04d7845dfbffc177a889)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52788",
"url": "https://www.suse.com/security/cve/CVE-2023-52788"
},
{
"category": "external",
"summary": "SUSE Bug 1225106 for CVE-2023-52788",
"url": "https://bugzilla.suse.com/1225106"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52788"
},
{
"cve": "CVE-2023-52789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: vcc: Add check for kstrdup() in vcc_probe()\n\nAdd check for the return value of kstrdup() and return the error, if it\nfails in order to avoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52789",
"url": "https://www.suse.com/security/cve/CVE-2023-52789"
},
{
"category": "external",
"summary": "SUSE Bug 1225180 for CVE-2023-52789",
"url": "https://bugzilla.suse.com/1225180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52789"
},
{
"cve": "CVE-2023-52791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: core: Run atomic i2c xfer when !preemptible\n\nSince bae1d3a05a8b, i2c transfers are non-atomic if preemption is\ndisabled. However, non-atomic i2c transfers require preemption (e.g. in\nwait_for_completion() while waiting for the DMA).\n\npanic() calls preempt_disable_notrace() before calling\nemergency_restart(). Therefore, if an i2c device is used for the\nrestart, the xfer should be atomic. This avoids warnings like:\n\n[ 12.667612] WARNING: CPU: 1 PID: 1 at kernel/rcu/tree_plugin.h:318 rcu_note_context_switch+0x33c/0x6b0\n[ 12.676926] Voluntary context switch within RCU read-side critical section!\n...\n[ 12.742376] schedule_timeout from wait_for_completion_timeout+0x90/0x114\n[ 12.749179] wait_for_completion_timeout from tegra_i2c_wait_completion+0x40/0x70\n...\n[ 12.994527] atomic_notifier_call_chain from machine_restart+0x34/0x58\n[ 13.001050] machine_restart from panic+0x2a8/0x32c\n\nUse !preemptible() instead, which is basically the same check as\npre-v5.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52791",
"url": "https://www.suse.com/security/cve/CVE-2023-52791"
},
{
"category": "external",
"summary": "SUSE Bug 1225108 for CVE-2023-52791",
"url": "https://bugzilla.suse.com/1225108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52791"
},
{
"cve": "CVE-2023-52798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix dfs radar event locking\n\nThe ath11k active pdevs are protected by RCU but the DFS radar event\nhandling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a\nread-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52798",
"url": "https://www.suse.com/security/cve/CVE-2023-52798"
},
{
"category": "external",
"summary": "SUSE Bug 1224947 for CVE-2023-52798",
"url": "https://bugzilla.suse.com/1224947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52798"
},
{
"cve": "CVE-2023-52799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in dbFindLeaf\n\nCurrently while searching for dmtree_t for sufficient free blocks there\nis an array out of bounds while getting element in tp-\u003edm_stree. To add\nthe required check for out of bound we first need to determine the type\nof dmtree. Thus added an extra parameter to dbFindLeaf so that the type\nof tree can be determined and the required check can be applied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52799",
"url": "https://www.suse.com/security/cve/CVE-2023-52799"
},
{
"category": "external",
"summary": "SUSE Bug 1225472 for CVE-2023-52799",
"url": "https://bugzilla.suse.com/1225472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52799"
},
{
"cve": "CVE-2023-52800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix htt pktlog locking\n\nThe ath11k active pdevs are protected by RCU but the htt pktlog handling\ncode calling ath11k_mac_get_ar_by_pdev_id() was not marked as a\nread-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52800",
"url": "https://www.suse.com/security/cve/CVE-2023-52800"
},
{
"category": "external",
"summary": "SUSE Bug 1230600 for CVE-2023-52800",
"url": "https://bugzilla.suse.com/1230600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52800"
},
{
"cve": "CVE-2023-52804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Add validity check for db_maxag and db_agpref\n\nBoth db_maxag and db_agpref are used as the index of the\ndb_agfree array, but there is currently no validity check for\ndb_maxag and db_agpref, which can lead to errors.\n\nThe following is related bug reported by Syzbot:\n\nUBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:639:20\nindex 7936 is out of range for type \u0027atomic_t[128]\u0027\n\nAdd checking that the values of db_maxag and db_agpref are valid\nindexes for the db_agfree array.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52804",
"url": "https://www.suse.com/security/cve/CVE-2023-52804"
},
{
"category": "external",
"summary": "SUSE Bug 1225550 for CVE-2023-52804",
"url": "https://bugzilla.suse.com/1225550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52804"
},
{
"cve": "CVE-2023-52805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in diAlloc\n\nCurrently there is not check against the agno of the iag while\nallocating new inodes to avoid fragmentation problem. Added the check\nwhich is required.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52805",
"url": "https://www.suse.com/security/cve/CVE-2023-52805"
},
{
"category": "external",
"summary": "SUSE Bug 1225553 for CVE-2023-52805",
"url": "https://bugzilla.suse.com/1225553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52805"
},
{
"cve": "CVE-2023-52806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52806"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Fix possible null-ptr-deref when assigning a stream\n\nWhile AudioDSP drivers assign streams exclusively of HOST or LINK type,\nnothing blocks a user to attempt to assign a COUPLED stream. As\nsupplied substream instance may be a stub, what is the case when\ncode-loading, such scenario ends with null-ptr-deref.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52806",
"url": "https://www.suse.com/security/cve/CVE-2023-52806"
},
{
"category": "external",
"summary": "SUSE Bug 1225554 for CVE-2023-52806",
"url": "https://bugzilla.suse.com/1225554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52806"
},
{
"cve": "CVE-2023-52810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Add check for negative db_l2nbperpage\n\nl2nbperpage is log2(number of blks per page), and the minimum legal\nvalue should be 0, not negative.\n\nIn the case of l2nbperpage being negative, an error will occur\nwhen subsequently used as shift exponent.\n\nSyzbot reported this bug:\n\nUBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:799:12\nshift exponent -16777216 is negative",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52810",
"url": "https://www.suse.com/security/cve/CVE-2023-52810"
},
{
"category": "external",
"summary": "SUSE Bug 1225557 for CVE-2023-52810",
"url": "https://bugzilla.suse.com/1225557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52810"
},
{
"cve": "CVE-2023-52811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ibmvfc: Remove BUG_ON in the case of an empty event pool\n\nIn practice the driver should never send more commands than are allocated\nto a queue\u0027s event pool. In the unlikely event that this happens, the code\nasserts a BUG_ON, and in the case that the kernel is not configured to\ncrash on panic returns a junk event pointer from the empty event list\ncausing things to spiral from there. This BUG_ON is a historical artifact\nof the ibmvfc driver first being upstreamed, and it is well known now that\nthe use of BUG_ON is bad practice except in the most unrecoverable\nscenario. There is nothing about this scenario that prevents the driver\nfrom recovering and carrying on.\n\nRemove the BUG_ON in question from ibmvfc_get_event() and return a NULL\npointer in the case of an empty event pool. Update all call sites to\nibmvfc_get_event() to check for a NULL pointer and perfrom the appropriate\nfailure or recovery action.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52811",
"url": "https://www.suse.com/security/cve/CVE-2023-52811"
},
{
"category": "external",
"summary": "SUSE Bug 1225559 for CVE-2023-52811",
"url": "https://bugzilla.suse.com/1225559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52811"
},
{
"cve": "CVE-2023-52814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential null pointer derefernce\n\nThe amdgpu_ras_get_context may return NULL if device\nnot support ras feature, so add check before using.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52814",
"url": "https://www.suse.com/security/cve/CVE-2023-52814"
},
{
"category": "external",
"summary": "SUSE Bug 1225565 for CVE-2023-52814",
"url": "https://bugzilla.suse.com/1225565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52814"
},
{
"cve": "CVE-2023-52816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix shift out-of-bounds issue\n\n[ 567.613292] shift exponent 255 is too large for 64-bit type \u0027long unsigned int\u0027\n[ 567.614498] CPU: 5 PID: 238 Comm: kworker/5:1 Tainted: G OE 6.2.0-34-generic #34~22.04.1-Ubuntu\n[ 567.614502] Hardware name: AMD Splinter/Splinter-RPL, BIOS WS43927N_871 09/25/2023\n[ 567.614504] Workqueue: events send_exception_work_handler [amdgpu]\n[ 567.614748] Call Trace:\n[ 567.614750] \u003cTASK\u003e\n[ 567.614753] dump_stack_lvl+0x48/0x70\n[ 567.614761] dump_stack+0x10/0x20\n[ 567.614763] __ubsan_handle_shift_out_of_bounds+0x156/0x310\n[ 567.614769] ? srso_alias_return_thunk+0x5/0x7f\n[ 567.614773] ? update_sd_lb_stats.constprop.0+0xf2/0x3c0\n[ 567.614780] svm_range_split_by_granularity.cold+0x2b/0x34 [amdgpu]\n[ 567.615047] ? srso_alias_return_thunk+0x5/0x7f\n[ 567.615052] svm_migrate_to_ram+0x185/0x4d0 [amdgpu]\n[ 567.615286] do_swap_page+0x7b6/0xa30\n[ 567.615291] ? srso_alias_return_thunk+0x5/0x7f\n[ 567.615294] ? __free_pages+0x119/0x130\n[ 567.615299] handle_pte_fault+0x227/0x280\n[ 567.615303] __handle_mm_fault+0x3c0/0x720\n[ 567.615311] handle_mm_fault+0x119/0x330\n[ 567.615314] ? lock_mm_and_find_vma+0x44/0x250\n[ 567.615318] do_user_addr_fault+0x1a9/0x640\n[ 567.615323] exc_page_fault+0x81/0x1b0\n[ 567.615328] asm_exc_page_fault+0x27/0x30\n[ 567.615332] RIP: 0010:__get_user_8+0x1c/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52816",
"url": "https://www.suse.com/security/cve/CVE-2023-52816"
},
{
"category": "external",
"summary": "SUSE Bug 1225529 for CVE-2023-52816",
"url": "https://bugzilla.suse.com/1225529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52816"
},
{
"cve": "CVE-2023-52817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52817"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL\n\nIn certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is NULL. Below are the steps to reproduce this issue and the corresponding exception log:\n\n1. Navigate to the directory: /sys/kernel/debug/dri/0\n2. Execute command: cat amdgpu_regs_smc\n3. Exception Log::\n[4005007.702554] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[4005007.702562] #PF: supervisor instruction fetch in kernel mode\n[4005007.702567] #PF: error_code(0x0010) - not-present page\n[4005007.702570] PGD 0 P4D 0\n[4005007.702576] Oops: 0010 [#1] SMP NOPTI\n[4005007.702581] CPU: 4 PID: 62563 Comm: cat Tainted: G OE 5.15.0-43-generic #46-Ubunt u\n[4005007.702590] RIP: 0010:0x0\n[4005007.702598] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\n[4005007.702600] RSP: 0018:ffffa82b46d27da0 EFLAGS: 00010206\n[4005007.702605] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffa82b46d27e68\n[4005007.702609] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff9940656e0000\n[4005007.702612] RBP: ffffa82b46d27dd8 R08: 0000000000000000 R09: ffff994060c07980\n[4005007.702615] R10: 0000000000020000 R11: 0000000000000000 R12: 00007f5e06753000\n[4005007.702618] R13: ffff9940656e0000 R14: ffffa82b46d27e68 R15: 00007f5e06753000\n[4005007.702622] FS: 00007f5e0755b740(0000) GS:ffff99479d300000(0000) knlGS:0000000000000000\n[4005007.702626] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[4005007.702629] CR2: ffffffffffffffd6 CR3: 00000003253fc000 CR4: 00000000003506e0\n[4005007.702633] Call Trace:\n[4005007.702636] \u003cTASK\u003e\n[4005007.702640] amdgpu_debugfs_regs_smc_read+0xb0/0x120 [amdgpu]\n[4005007.703002] full_proxy_read+0x5c/0x80\n[4005007.703011] vfs_read+0x9f/0x1a0\n[4005007.703019] ksys_read+0x67/0xe0\n[4005007.703023] __x64_sys_read+0x19/0x20\n[4005007.703028] do_syscall_64+0x5c/0xc0\n[4005007.703034] ? do_user_addr_fault+0x1e3/0x670\n[4005007.703040] ? exit_to_user_mode_prepare+0x37/0xb0\n[4005007.703047] ? irqentry_exit_to_user_mode+0x9/0x20\n[4005007.703052] ? irqentry_exit+0x19/0x30\n[4005007.703057] ? exc_page_fault+0x89/0x160\n[4005007.703062] ? asm_exc_page_fault+0x8/0x30\n[4005007.703068] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[4005007.703075] RIP: 0033:0x7f5e07672992\n[4005007.703079] Code: c0 e9 b2 fe ff ff 50 48 8d 3d fa b2 0c 00 e8 c5 1d 02 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 e c 28 48 89 54 24\n[4005007.703083] RSP: 002b:00007ffe03097898 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n[4005007.703088] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f5e07672992\n[4005007.703091] RDX: 0000000000020000 RSI: 00007f5e06753000 RDI: 0000000000000003\n[4005007.703094] RBP: 00007f5e06753000 R08: 00007f5e06752010 R09: 00007f5e06752010\n[4005007.703096] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000022000\n[4005007.703099] R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000\n[4005007.703105] \u003c/TASK\u003e\n[4005007.703107] Modules linked in: nf_tables libcrc32c nfnetlink algif_hash af_alg binfmt_misc nls_ iso8859_1 ipmi_ssif ast intel_rapl_msr intel_rapl_common drm_vram_helper drm_ttm_helper amd64_edac t tm edac_mce_amd kvm_amd ccp mac_hid k10temp kvm acpi_ipmi ipmi_si rapl sch_fq_codel ipmi_devintf ipm i_msghandler msr parport_pc ppdev lp parport mtd pstore_blk efi_pstore ramoops pstore_zone reed_solo mon ip_tables x_tables autofs4 ib_uverbs ib_core amdgpu(OE) amddrm_ttm_helper(OE) amdttm(OE) iommu_v 2 amd_sched(OE) amdkcl(OE) drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops cec rc_core drm igb ahci xhci_pci libahci i2c_piix4 i2c_algo_bit xhci_pci_renesas dca\n[4005007.703184] CR2: 0000000000000000\n[4005007.703188] ---[ en\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52817",
"url": "https://www.suse.com/security/cve/CVE-2023-52817"
},
{
"category": "external",
"summary": "SUSE Bug 1225569 for CVE-2023-52817",
"url": "https://bugzilla.suse.com/1225569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52817"
},
{
"cve": "CVE-2023-52818",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52818"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Fix UBSAN array-index-out-of-bounds for SMU7\n\nFor pptable structs that use flexible array sizes, use flexible arrays.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52818",
"url": "https://www.suse.com/security/cve/CVE-2023-52818"
},
{
"category": "external",
"summary": "SUSE Bug 1225530 for CVE-2023-52818",
"url": "https://bugzilla.suse.com/1225530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52818"
},
{
"cve": "CVE-2023-52819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga\n\nFor pptable structs that use flexible array sizes, use flexible arrays.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52819",
"url": "https://www.suse.com/security/cve/CVE-2023-52819"
},
{
"category": "external",
"summary": "SUSE Bug 1225532 for CVE-2023-52819",
"url": "https://bugzilla.suse.com/1225532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52819"
},
{
"cve": "CVE-2023-52821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panel: fix a possible null pointer dereference\n\nIn versatile_panel_get_modes(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52821",
"url": "https://www.suse.com/security/cve/CVE-2023-52821"
},
{
"category": "external",
"summary": "SUSE Bug 1225022 for CVE-2023-52821",
"url": "https://bugzilla.suse.com/1225022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52821"
},
{
"cve": "CVE-2023-52825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix a race condition of vram buffer unref in svm code\n\nprange-\u003esvm_bo unref can happen in both mmu callback and a callback after\nmigrate to system ram. Both are async call in different tasks. Sync svm_bo\nunref operation to avoid random \"use-after-free\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52825",
"url": "https://www.suse.com/security/cve/CVE-2023-52825"
},
{
"category": "external",
"summary": "SUSE Bug 1225076 for CVE-2023-52825",
"url": "https://bugzilla.suse.com/1225076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52825"
},
{
"cve": "CVE-2023-52826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52826"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panel/panel-tpo-tpg110: fix a possible null pointer dereference\n\nIn tpg110_get_modes(), the return value of drm_mode_duplicate() is\nassigned to mode, which will lead to a NULL pointer dereference on\nfailure of drm_mode_duplicate(). Add a check to avoid npd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52826",
"url": "https://www.suse.com/security/cve/CVE-2023-52826"
},
{
"category": "external",
"summary": "SUSE Bug 1225077 for CVE-2023-52826",
"url": "https://bugzilla.suse.com/1225077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52826"
},
{
"cve": "CVE-2023-52832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t return unset power in ieee80211_get_tx_power()\n\nWe can get a UBSAN warning if ieee80211_get_tx_power() returns the\nINT_MIN value mac80211 internally uses for \"unset power level\".\n\n UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5\n -2147483648 * 100 cannot be represented in type \u0027int\u0027\n CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE\n Call Trace:\n dump_stack+0x74/0x92\n ubsan_epilogue+0x9/0x50\n handle_overflow+0x8d/0xd0\n __ubsan_handle_mul_overflow+0xe/0x10\n nl80211_send_iface+0x688/0x6b0 [cfg80211]\n [...]\n cfg80211_register_wdev+0x78/0xb0 [cfg80211]\n cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211]\n [...]\n ieee80211_if_add+0x60e/0x8f0 [mac80211]\n ieee80211_register_hw+0xda5/0x1170 [mac80211]\n\nIn this case, simply return an error instead, to indicate\nthat no data is available.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52832",
"url": "https://www.suse.com/security/cve/CVE-2023-52832"
},
{
"category": "external",
"summary": "SUSE Bug 1225577 for CVE-2023-52832",
"url": "https://bugzilla.suse.com/1225577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52832"
},
{
"cve": "CVE-2023-52833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: Add date-\u003eevt_skb is NULL check\n\nfix crash because of null pointers\n\n[ 6104.969662] BUG: kernel NULL pointer dereference, address: 00000000000000c8\n[ 6104.969667] #PF: supervisor read access in kernel mode\n[ 6104.969668] #PF: error_code(0x0000) - not-present page\n[ 6104.969670] PGD 0 P4D 0\n[ 6104.969673] Oops: 0000 [#1] SMP NOPTI\n[ 6104.969684] RIP: 0010:btusb_mtk_hci_wmt_sync+0x144/0x220 [btusb]\n[ 6104.969688] RSP: 0018:ffffb8d681533d48 EFLAGS: 00010246\n[ 6104.969689] RAX: 0000000000000000 RBX: ffff8ad560bb2000 RCX: 0000000000000006\n[ 6104.969691] RDX: 0000000000000000 RSI: ffffb8d681533d08 RDI: 0000000000000000\n[ 6104.969692] RBP: ffffb8d681533d70 R08: 0000000000000001 R09: 0000000000000001\n[ 6104.969694] R10: 0000000000000001 R11: 00000000fa83b2da R12: ffff8ad461d1d7c0\n[ 6104.969695] R13: 0000000000000000 R14: ffff8ad459618c18 R15: ffffb8d681533d90\n[ 6104.969697] FS: 00007f5a1cab9d40(0000) GS:ffff8ad578200000(0000) knlGS:00000\n[ 6104.969699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 6104.969700] CR2: 00000000000000c8 CR3: 000000018620c001 CR4: 0000000000760ef0\n[ 6104.969701] PKRU: 55555554\n[ 6104.969702] Call Trace:\n[ 6104.969708] btusb_mtk_shutdown+0x44/0x80 [btusb]\n[ 6104.969732] hci_dev_do_close+0x470/0x5c0 [bluetooth]\n[ 6104.969748] hci_rfkill_set_block+0x56/0xa0 [bluetooth]\n[ 6104.969753] rfkill_set_block+0x92/0x160\n[ 6104.969755] rfkill_fop_write+0x136/0x1e0\n[ 6104.969759] __vfs_write+0x18/0x40\n[ 6104.969761] vfs_write+0xdf/0x1c0\n[ 6104.969763] ksys_write+0xb1/0xe0\n[ 6104.969765] __x64_sys_write+0x1a/0x20\n[ 6104.969769] do_syscall_64+0x51/0x180\n[ 6104.969771] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n[ 6104.969773] RIP: 0033:0x7f5a21f18fef\n[ 6104.9] RSP: 002b:00007ffeefe39010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001\n[ 6104.969780] RAX: ffffffffffffffda RBX: 000055c10a7560a0 RCX: 00007f5a21f18fef\n[ 6104.969781] RDX: 0000000000000008 RSI: 00007ffeefe39060 RDI: 0000000000000012\n[ 6104.969782] RBP: 00007ffeefe39060 R08: 0000000000000000 R09: 0000000000000017\n[ 6104.969784] R10: 00007ffeefe38d97 R11: 0000000000000293 R12: 0000000000000002\n[ 6104.969785] R13: 00007ffeefe39220 R14: 00007ffeefe391a0 R15: 000055c10a72acf0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52833",
"url": "https://www.suse.com/security/cve/CVE-2023-52833"
},
{
"category": "external",
"summary": "SUSE Bug 1225595 for CVE-2023-52833",
"url": "https://bugzilla.suse.com/1225595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52833"
},
{
"cve": "CVE-2023-52834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natl1c: Work around the DMA RX overflow issue\n\nThis is based on alx driver commit 881d0327db37 (\"net: alx: Work around\nthe DMA RX overflow issue\").\n\nThe alx and atl1c drivers had RX overflow error which was why a custom\nallocator was created to avoid certain addresses. The simpler workaround\nthen created for alx driver, but not for atl1c due to lack of tester.\n\nInstead of using a custom allocator, check the allocated skb address and\nuse skb_reserve() to move away from problematic 0x...fc0 address.\n\nTested on AR8131 on Acer 4540.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52834",
"url": "https://www.suse.com/security/cve/CVE-2023-52834"
},
{
"category": "external",
"summary": "SUSE Bug 1225599 for CVE-2023-52834",
"url": "https://bugzilla.suse.com/1225599"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52834"
},
{
"cve": "CVE-2023-52838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imsttfb: fix a resource leak in probe\n\nI\u0027ve re-written the error handling but the bug is that if init_imstt()\nfails we need to call iounmap(par-\u003ecmap_regs).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52838",
"url": "https://www.suse.com/security/cve/CVE-2023-52838"
},
{
"category": "external",
"summary": "SUSE Bug 1225031 for CVE-2023-52838",
"url": "https://bugzilla.suse.com/1225031"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2023-52838"
},
{
"cve": "CVE-2023-52840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: synaptics-rmi4 - fix use after free in rmi_unregister_function()\n\nThe put_device() calls rmi_release_function() which frees \"fn\" so the\ndereference on the next line \"fn-\u003enum_of_irqs\" is a use after free.\nMove the put_device() to the end to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52840",
"url": "https://www.suse.com/security/cve/CVE-2023-52840"
},
{
"category": "external",
"summary": "SUSE Bug 1224928 for CVE-2023-52840",
"url": "https://bugzilla.suse.com/1224928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52840"
},
{
"cve": "CVE-2023-52841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: mux: Add check and kfree for kstrdup\n\nAdd check for the return value of kstrdup() and return the error\nif it fails in order to avoid NULL pointer dereference.\nMoreover, use kfree() in the later error handling in order to avoid\nmemory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52841",
"url": "https://www.suse.com/security/cve/CVE-2023-52841"
},
{
"category": "external",
"summary": "SUSE Bug 1225592 for CVE-2023-52841",
"url": "https://bugzilla.suse.com/1225592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52841"
},
{
"cve": "CVE-2023-52844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: psi: Add check for kstrdup\n\nAdd check for the return value of kstrdup() and return the error\nif it fails in order to avoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52844",
"url": "https://www.suse.com/security/cve/CVE-2023-52844"
},
{
"category": "external",
"summary": "SUSE Bug 1225590 for CVE-2023-52844",
"url": "https://bugzilla.suse.com/1225590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52844"
},
{
"cve": "CVE-2023-52847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: bttv: fix use after free error due to btv-\u003etimeout timer\n\nThere may be some a race condition between timer function\nbttv_irq_timeout and bttv_remove. The timer is setup in\nprobe and there is no timer_delete operation in remove\nfunction. When it hit kfree btv, the function might still be\ninvoked, which will cause use after free bug.\n\nThis bug is found by static analysis, it may be false positive.\n\nFix it by adding del_timer_sync invoking to the remove function.\n\ncpu0 cpu1\n bttv_probe\n -\u003etimer_setup\n -\u003ebttv_set_dma\n -\u003emod_timer;\nbttv_remove\n -\u003ekfree(btv);\n -\u003ebttv_irq_timeout\n -\u003eUSE btv",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52847",
"url": "https://www.suse.com/security/cve/CVE-2023-52847"
},
{
"category": "external",
"summary": "SUSE Bug 1225588 for CVE-2023-52847",
"url": "https://bugzilla.suse.com/1225588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52847"
},
{
"cve": "CVE-2023-52853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhid: cp2112: Fix duplicate workqueue initialization\n\nPreviously the cp2112 driver called INIT_DELAYED_WORK within\ncp2112_gpio_irq_startup, resulting in duplicate initilizations of the\nworkqueue on subsequent IRQ startups following an initial request. This\nresulted in a warning in set_work_data in workqueue.c, as well as a rare\nNULL dereference within process_one_work in workqueue.c.\n\nInitialize the workqueue within _probe instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52853",
"url": "https://www.suse.com/security/cve/CVE-2023-52853"
},
{
"category": "external",
"summary": "SUSE Bug 1224988 for CVE-2023-52853",
"url": "https://bugzilla.suse.com/1224988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52853"
},
{
"cve": "CVE-2023-52854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: Fix refcnt handling in padata_free_shell()\n\nIn a high-load arm64 environment, the pcrypt_aead01 test in LTP can lead\nto system UAF (Use-After-Free) issues. Due to the lengthy analysis of\nthe pcrypt_aead01 function call, I\u0027ll describe the problem scenario\nusing a simplified model:\n\nSuppose there\u0027s a user of padata named `user_function` that adheres to\nthe padata requirement of calling `padata_free_shell` after `serial()`\nhas been invoked, as demonstrated in the following code:\n\n```c\nstruct request {\n struct padata_priv padata;\n struct completion *done;\n};\n\nvoid parallel(struct padata_priv *padata) {\n do_something();\n}\n\nvoid serial(struct padata_priv *padata) {\n struct request *request = container_of(padata,\n \t\t\t\tstruct request,\n\t\t\t\tpadata);\n complete(request-\u003edone);\n}\n\nvoid user_function() {\n DECLARE_COMPLETION(done)\n padata-\u003eparallel = parallel;\n padata-\u003eserial = serial;\n padata_do_parallel();\n wait_for_completion(\u0026done);\n padata_free_shell();\n}\n```\n\nIn the corresponding padata.c file, there\u0027s the following code:\n\n```c\nstatic void padata_serial_worker(struct work_struct *serial_work) {\n ...\n cnt = 0;\n\n while (!list_empty(\u0026local_list)) {\n ...\n padata-\u003eserial(padata);\n cnt++;\n }\n\n local_bh_enable();\n\n if (refcount_sub_and_test(cnt, \u0026pd-\u003erefcnt))\n padata_free_pd(pd);\n}\n```\n\nBecause of the high system load and the accumulation of unexecuted\nsoftirq at this moment, `local_bh_enable()` in padata takes longer\nto execute than usual. Subsequently, when accessing `pd-\u003erefcnt`,\n`pd` has already been released by `padata_free_shell()`, resulting\nin a UAF issue with `pd-\u003erefcnt`.\n\nThe fix is straightforward: add `refcount_dec_and_test` before calling\n`padata_free_pd` in `padata_free_shell`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52854",
"url": "https://www.suse.com/security/cve/CVE-2023-52854"
},
{
"category": "external",
"summary": "SUSE Bug 1225584 for CVE-2023-52854",
"url": "https://bugzilla.suse.com/1225584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52854"
},
{
"cve": "CVE-2023-52855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: fix possible NULL pointer dereference caused by driver concurrency\n\nIn _dwc2_hcd_urb_enqueue(), \"urb-\u003ehcpriv = NULL\" is executed without\nholding the lock \"hsotg-\u003elock\". In _dwc2_hcd_urb_dequeue():\n\n spin_lock_irqsave(\u0026hsotg-\u003elock, flags);\n ...\n\tif (!urb-\u003ehcpriv) {\n\t\tdev_dbg(hsotg-\u003edev, \"## urb-\u003ehcpriv is NULL ##\\n\");\n\t\tgoto out;\n\t}\n rc = dwc2_hcd_urb_dequeue(hsotg, urb-\u003ehcpriv); // Use urb-\u003ehcpriv\n ...\nout:\n spin_unlock_irqrestore(\u0026hsotg-\u003elock, flags);\n\nWhen _dwc2_hcd_urb_enqueue() and _dwc2_hcd_urb_dequeue() are\nconcurrently executed, the NULL check of \"urb-\u003ehcpriv\" can be executed\nbefore \"urb-\u003ehcpriv = NULL\". After urb-\u003ehcpriv is NULL, it can be used\nin the function call to dwc2_hcd_urb_dequeue(), which can cause a NULL\npointer dereference.\n\nThis possible bug is found by an experimental static analysis tool\ndeveloped by myself. This tool analyzes the locking APIs to extract\nfunction pairs that can be concurrently executed, and then analyzes the\ninstructions in the paired functions to identify possible concurrency\nbugs including data races and atomicity violations. The above possible\nbug is reported, when my tool analyzes the source code of Linux 6.5.\n\nTo fix this possible bug, \"urb-\u003ehcpriv = NULL\" should be executed with\nholding the lock \"hsotg-\u003elock\". After using this patch, my tool never\nreports the possible bug, with the kernelconfiguration allyesconfig for\nx86_64. Because I have no associated hardware, I cannot test the patch\nin runtime testing, and just verify it according to the code logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52855",
"url": "https://www.suse.com/security/cve/CVE-2023-52855"
},
{
"category": "external",
"summary": "SUSE Bug 1225583 for CVE-2023-52855",
"url": "https://bugzilla.suse.com/1225583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52855"
},
{
"cve": "CVE-2023-52856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/bridge: lt8912b: Fix crash on bridge detach\n\nThe lt8912b driver, in its bridge detach function, calls\ndrm_connector_unregister() and drm_connector_cleanup().\n\ndrm_connector_unregister() should be called only for connectors\nexplicitly registered with drm_connector_register(), which is not the\ncase in lt8912b.\n\nThe driver\u0027s drm_connector_funcs.destroy hook is set to\ndrm_connector_cleanup().\n\nThus the driver should not call either drm_connector_unregister() nor\ndrm_connector_cleanup() in its lt8912_bridge_detach(), as they cause a\ncrash on bridge detach:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x06: level 2 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=00000000858f3000\n[0000000000000000] pgd=0800000085918003, p4d=0800000085918003, pud=0800000085431003, pmd=0000000000000000\nInternal error: Oops: 0000000096000006 [#1] PREEMPT SMP\nModules linked in: tidss(-) display_connector lontium_lt8912b tc358768 panel_lvds panel_simple drm_dma_helper drm_kms_helper drm drm_panel_orientation_quirks\nCPU: 3 PID: 462 Comm: rmmod Tainted: G W 6.5.0-rc2+ #2\nHardware name: Toradex Verdin AM62 on Verdin Development Board (DT)\npstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : drm_connector_cleanup+0x78/0x2d4 [drm]\nlr : lt8912_bridge_detach+0x54/0x6c [lontium_lt8912b]\nsp : ffff800082ed3a90\nx29: ffff800082ed3a90 x28: ffff0000040c1940 x27: 0000000000000000\nx26: 0000000000000000 x25: dead000000000122 x24: dead000000000122\nx23: dead000000000100 x22: ffff000003fb6388 x21: 0000000000000000\nx20: 0000000000000000 x19: ffff000003fb6260 x18: fffffffffffe56e8\nx17: 0000000000000000 x16: 0010000000000000 x15: 0000000000000038\nx14: 0000000000000000 x13: ffff800081914b48 x12: 000000000000040e\nx11: 000000000000015a x10: ffff80008196ebb8 x9 : ffff800081914b48\nx8 : 00000000ffffefff x7 : ffff0000040c1940 x6 : ffff80007aa649d0\nx5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff80008159e008\nx2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\nCall trace:\n drm_connector_cleanup+0x78/0x2d4 [drm]\n lt8912_bridge_detach+0x54/0x6c [lontium_lt8912b]\n drm_bridge_detach+0x44/0x84 [drm]\n drm_encoder_cleanup+0x40/0xb8 [drm]\n drmm_encoder_alloc_release+0x1c/0x30 [drm]\n drm_managed_release+0xac/0x148 [drm]\n drm_dev_put.part.0+0x88/0xb8 [drm]\n devm_drm_dev_init_release+0x14/0x24 [drm]\n devm_action_release+0x14/0x20\n release_nodes+0x5c/0x90\n devres_release_all+0x8c/0xe0\n device_unbind_cleanup+0x18/0x68\n device_release_driver_internal+0x208/0x23c\n driver_detach+0x4c/0x94\n bus_remove_driver+0x70/0xf4\n driver_unregister+0x30/0x60\n platform_driver_unregister+0x14/0x20\n tidss_platform_driver_exit+0x18/0xb2c [tidss]\n __arm64_sys_delete_module+0x1a0/0x2b4\n invoke_syscall+0x48/0x110\n el0_svc_common.constprop.0+0x60/0x10c\n do_el0_svc_compat+0x1c/0x40\n el0_svc_compat+0x40/0xac\n el0t_32_sync_handler+0xb0/0x138\n el0t_32_sync+0x194/0x198\nCode: 9104a276 f2fbd5b7 aa0203e1 91008af8 (f85c0420)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52856",
"url": "https://www.suse.com/security/cve/CVE-2023-52856"
},
{
"category": "external",
"summary": "SUSE Bug 1224932 for CVE-2023-52856",
"url": "https://bugzilla.suse.com/1224932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52856"
},
{
"cve": "CVE-2023-52858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52858",
"url": "https://www.suse.com/security/cve/CVE-2023-52858"
},
{
"category": "external",
"summary": "SUSE Bug 1225566 for CVE-2023-52858",
"url": "https://bugzilla.suse.com/1225566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52858"
},
{
"cve": "CVE-2023-52864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: wmi: Fix opening of char device\n\nSince commit fa1f68db6ca7 (\"drivers: misc: pass miscdevice pointer via\nfile private data\"), the miscdevice stores a pointer to itself inside\nfilp-\u003eprivate_data, which means that private_data will not be NULL when\nwmi_char_open() is called. This might cause memory corruption should\nwmi_char_open() be unable to find its driver, something which can\nhappen when the associated WMI device is deleted in wmi_free_devices().\n\nFix the problem by using the miscdevice pointer to retrieve the WMI\ndevice data associated with a char device using container_of(). This\nalso avoids wmi_char_open() picking a wrong WMI device bound to a\ndriver with the same name as the original driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52864",
"url": "https://www.suse.com/security/cve/CVE-2023-52864"
},
{
"category": "external",
"summary": "SUSE Bug 1225132 for CVE-2023-52864",
"url": "https://bugzilla.suse.com/1225132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52864"
},
{
"cve": "CVE-2023-52865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52865",
"url": "https://www.suse.com/security/cve/CVE-2023-52865"
},
{
"category": "external",
"summary": "SUSE Bug 1225086 for CVE-2023-52865",
"url": "https://bugzilla.suse.com/1225086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52865"
},
{
"cve": "CVE-2023-52867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: possible buffer overflow\n\nBuffer \u0027afmt_status\u0027 of size 6 could overflow, since index \u0027afmt_idx\u0027 is\nchecked after access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52867",
"url": "https://www.suse.com/security/cve/CVE-2023-52867"
},
{
"category": "external",
"summary": "SUSE Bug 1225009 for CVE-2023-52867",
"url": "https://bugzilla.suse.com/1225009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52867"
},
{
"cve": "CVE-2023-52868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: prevent potential string overflow\n\nThe dev-\u003eid value comes from ida_alloc() so it\u0027s a number between zero\nand INT_MAX. If it\u0027s too high then these sprintf()s will overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52868",
"url": "https://www.suse.com/security/cve/CVE-2023-52868"
},
{
"category": "external",
"summary": "SUSE Bug 1225044 for CVE-2023-52868",
"url": "https://bugzilla.suse.com/1225044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52868"
},
{
"cve": "CVE-2023-52870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52870",
"url": "https://www.suse.com/security/cve/CVE-2023-52870"
},
{
"category": "external",
"summary": "SUSE Bug 1224937 for CVE-2023-52870",
"url": "https://bugzilla.suse.com/1224937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52870"
},
{
"cve": "CVE-2023-52871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: llcc: Handle a second device without data corruption\n\nUsually there is only one llcc device. But if there were a second, even\na failed probe call would modify the global drv_data pointer. So check\nif drv_data is valid before overwriting it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52871",
"url": "https://www.suse.com/security/cve/CVE-2023-52871"
},
{
"category": "external",
"summary": "SUSE Bug 1225534 for CVE-2023-52871",
"url": "https://bugzilla.suse.com/1225534"
},
{
"category": "external",
"summary": "SUSE Bug 1227475 for CVE-2023-52871",
"url": "https://bugzilla.suse.com/1227475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2023-52871"
},
{
"cve": "CVE-2023-52872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52872"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: fix race condition in status line change on dead connections\n\ngsm_cleanup_mux() cleans up the gsm by closing all DLCIs, stopping all\ntimers, removing the virtual tty devices and clearing the data queues.\nThis procedure, however, may cause subsequent changes of the virtual modem\nstatus lines of a DLCI. More data is being added the outgoing data queue\nand the deleted kick timer is restarted to handle this. At this point many\nresources have already been removed by the cleanup procedure. Thus, a\nkernel panic occurs.\n\nFix this by proving in gsm_modem_update() that the cleanup procedure has\nnot been started and the mux is still alive.\n\nNote that writing to a virtual tty is already protected by checks against\nthe DLCI specific connection state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52872",
"url": "https://www.suse.com/security/cve/CVE-2023-52872"
},
{
"category": "external",
"summary": "SUSE Bug 1225591 for CVE-2023-52872",
"url": "https://bugzilla.suse.com/1225591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52872"
},
{
"cve": "CVE-2023-52873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52873",
"url": "https://www.suse.com/security/cve/CVE-2023-52873"
},
{
"category": "external",
"summary": "SUSE Bug 1225589 for CVE-2023-52873",
"url": "https://bugzilla.suse.com/1225589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52873"
},
{
"cve": "CVE-2023-52875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52875",
"url": "https://www.suse.com/security/cve/CVE-2023-52875"
},
{
"category": "external",
"summary": "SUSE Bug 1225096 for CVE-2023-52875",
"url": "https://bugzilla.suse.com/1225096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52875"
},
{
"cve": "CVE-2023-52876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52876",
"url": "https://www.suse.com/security/cve/CVE-2023-52876"
},
{
"category": "external",
"summary": "SUSE Bug 1225036 for CVE-2023-52876",
"url": "https://bugzilla.suse.com/1225036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52876"
},
{
"cve": "CVE-2023-52877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm()\n\nIt is possible that typec_register_partner() returns ERR_PTR on failure.\nWhen port-\u003epartner is an error, a NULL pointer dereference may occur as\nshown below.\n\n[91222.095236][ T319] typec port0: failed to register partner (-17)\n...\n[91225.061491][ T319] Unable to handle kernel NULL pointer dereference\nat virtual address 000000000000039f\n[91225.274642][ T319] pc : tcpm_pd_data_request+0x310/0x13fc\n[91225.274646][ T319] lr : tcpm_pd_data_request+0x298/0x13fc\n[91225.308067][ T319] Call trace:\n[91225.308070][ T319] tcpm_pd_data_request+0x310/0x13fc\n[91225.308073][ T319] tcpm_pd_rx_handler+0x100/0x9e8\n[91225.355900][ T319] kthread_worker_fn+0x178/0x58c\n[91225.355902][ T319] kthread+0x150/0x200\n[91225.355905][ T319] ret_from_fork+0x10/0x30\n\nAdd a check for port-\u003epartner to avoid dereferencing a NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52877",
"url": "https://www.suse.com/security/cve/CVE-2023-52877"
},
{
"category": "external",
"summary": "SUSE Bug 1224944 for CVE-2023-52877",
"url": "https://bugzilla.suse.com/1224944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52877"
},
{
"cve": "CVE-2023-52878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: can_put_echo_skb(): don\u0027t crash kernel if can_priv::echo_skb is accessed out of bounds\n\nIf the \"struct can_priv::echoo_skb\" is accessed out of bounds, this\nwould cause a kernel crash. Instead, issue a meaningful warning\nmessage and return with an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52878",
"url": "https://www.suse.com/security/cve/CVE-2023-52878"
},
{
"category": "external",
"summary": "SUSE Bug 1225000 for CVE-2023-52878",
"url": "https://bugzilla.suse.com/1225000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-52878"
},
{
"cve": "CVE-2023-52880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc\n\nAny unprivileged user can attach N_GSM0710 ldisc, but it requires\nCAP_NET_ADMIN to create a GSM network anyway.\n\nRequire initial namespace CAP_NET_ADMIN to do that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52880",
"url": "https://www.suse.com/security/cve/CVE-2023-52880"
},
{
"category": "external",
"summary": "SUSE Bug 1222619 for CVE-2023-52880",
"url": "https://bugzilla.suse.com/1222619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2023-52880"
},
{
"cve": "CVE-2024-0639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0639"
}
],
"notes": [
{
"category": "general",
"text": "A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel\u0027s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0639",
"url": "https://www.suse.com/security/cve/CVE-2024-0639"
},
{
"category": "external",
"summary": "SUSE Bug 1218917 for CVE-2024-0639",
"url": "https://bugzilla.suse.com/1218917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-0639"
},
{
"cve": "CVE-2024-26828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix underflow in parse_server_interfaces()\n\nIn this loop, we step through the buffer and after each item we check\nif the size_left is greater than the minimum size we need. However,\nthe problem is that \"bytes_left\" is type ssize_t while sizeof() is type\nsize_t. That means that because of type promotion, the comparison is\ndone as an unsigned and if we have negative bytes left the loop\ncontinues instead of ending.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26828",
"url": "https://www.suse.com/security/cve/CVE-2024-26828"
},
{
"category": "external",
"summary": "SUSE Bug 1223084 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "external",
"summary": "SUSE Bug 1223363 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix memory leak in cachefiles_add_cache()\n\nThe following memory leak was reported after unbinding /dev/cachefiles:\n\n==================================================================\nunreferenced object 0xffff9b674176e3c0 (size 192):\n comm \"cachefilesd2\", pid 680, jiffies 4294881224\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc ea38a44b):\n [\u003cffffffff8eb8a1a5\u003e] kmem_cache_alloc+0x2d5/0x370\n [\u003cffffffff8e917f86\u003e] prepare_creds+0x26/0x2e0\n [\u003cffffffffc002eeef\u003e] cachefiles_determine_cache_security+0x1f/0x120\n [\u003cffffffffc00243ec\u003e] cachefiles_add_cache+0x13c/0x3a0\n [\u003cffffffffc0025216\u003e] cachefiles_daemon_write+0x146/0x1c0\n [\u003cffffffff8ebc4a3b\u003e] vfs_write+0xcb/0x520\n [\u003cffffffff8ebc5069\u003e] ksys_write+0x69/0xf0\n [\u003cffffffff8f6d4662\u003e] do_syscall_64+0x72/0x140\n [\u003cffffffff8f8000aa\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n==================================================================\n\nPut the reference count of cache_cred in cachefiles_daemon_unbind() to\nfix the problem. And also put cache_cred in cachefiles_add_cache() error\nbranch to avoid memory leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26840",
"url": "https://www.suse.com/security/cve/CVE-2024-26840"
},
{
"category": "external",
"summary": "SUSE Bug 1222976 for CVE-2024-26840",
"url": "https://bugzilla.suse.com/1222976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "low"
}
],
"title": "CVE-2024-26840"
},
{
"cve": "CVE-2024-26852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: avoid possible UAF in ip6_route_mpath_notify()\n\nsyzbot found another use-after-free in ip6_route_mpath_notify() [1]\n\nCommit f7225172f25a (\"net/ipv6: prevent use after free in\nip6_route_mpath_notify\") was not able to fix the root cause.\n\nWe need to defer the fib6_info_release() calls after\nip6_route_mpath_notify(), in the cleanup phase.\n\n[1]\nBUG: KASAN: slab-use-after-free in rt6_fill_node+0x1460/0x1ac0\nRead of size 4 at addr ffff88809a07fc64 by task syz-executor.2/23037\n\nCPU: 0 PID: 23037 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-01035-gea7f3cfaa588 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x167/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x180 mm/kasan/report.c:601\n rt6_fill_node+0x1460/0x1ac0\n inet6_rt_notify+0x13b/0x290 net/ipv6/route.c:6184\n ip6_route_mpath_notify net/ipv6/route.c:5198 [inline]\n ip6_route_multipath_add net/ipv6/route.c:5404 [inline]\n inet6_rtm_newroute+0x1d0f/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f73dd87dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f73de6550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f73dd9ac050 RCX: 00007f73dd87dda9\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f73dd8ca47a R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f73dd9ac050 R15: 00007ffdbdeb7858\n \u003c/TASK\u003e\n\nAllocated by task 23037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:372 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:389\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3981 [inline]\n __kmalloc+0x22e/0x490 mm/slub.c:3994\n kmalloc include/linux/slab.h:594 [inline]\n kzalloc include/linux/slab.h:711 [inline]\n fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3758\n ip6_route_multipath_add net/ipv6/route.c:5298 [inline]\n inet6_rtm_newroute+0x744/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nFreed by task 16:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x4e/0x60 mm/kasan/generic.c:640\n poison_slab_object+0xa6/0xe0 m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26852",
"url": "https://www.suse.com/security/cve/CVE-2024-26852"
},
{
"category": "external",
"summary": "SUSE Bug 1223057 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "external",
"summary": "SUSE Bug 1223059 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npacket: annotate data-races around ignore_outgoing\n\nignore_outgoing is read locklessly from dev_queue_xmit_nit()\nand packet_getsockopt()\n\nAdd appropriate READ_ONCE()/WRITE_ONCE() annotations.\n\nsyzbot reported:\n\nBUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt\n\nwrite to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0:\n packet_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003\n do_sock_setsockopt net/socket.c:2311 [inline]\n __sys_setsockopt+0x1d8/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0x66/0x80 net/socket.c:2340\n do_syscall_64+0xd3/0x1d0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nread to 0xffff888107804542 of 1 bytes by task 27 on cpu 1:\n dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248\n xmit_one net/core/dev.c:3527 [inline]\n dev_hard_start_xmit+0xcc/0x3f0 net/core/dev.c:3547\n __dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335\n dev_queue_xmit include/linux/netdevice.h:3091 [inline]\n batadv_send_skb_packet+0x264/0x300 net/batman-adv/send.c:108\n batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127\n batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline]\n batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]\n batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700\n process_one_work kernel/workqueue.c:3254 [inline]\n process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335\n worker_thread+0x526/0x730 kernel/workqueue.c:3416\n kthread+0x1d1/0x210 kernel/kthread.c:388\n ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n\nvalue changed: 0x00 -\u003e 0x01\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G W 6.8.0-syzkaller-08073-g480e035fc4c7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024\nWorkqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26862",
"url": "https://www.suse.com/security/cve/CVE-2024-26862"
},
{
"category": "external",
"summary": "SUSE Bug 1223111 for CVE-2024-26862",
"url": "https://bugzilla.suse.com/1223111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-26862"
},
{
"cve": "CVE-2024-26921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: inet_defrag: prevent sk release while still in use\n\nip_local_out() and other functions can pass skb-\u003esk as function argument.\n\nIf the skb is a fragment and reassembly happens before such function call\nreturns, the sk must not be released.\n\nThis affects skb fragments reassembled via netfilter or similar\nmodules, e.g. openvswitch or ct_act.c, when run as part of tx pipeline.\n\nEric Dumazet made an initial analysis of this bug. Quoting Eric:\n Calling ip_defrag() in output path is also implying skb_orphan(),\n which is buggy because output path relies on sk not disappearing.\n\n A relevant old patch about the issue was :\n 8282f27449bf (\"inet: frag: Always orphan skbs inside ip_defrag()\")\n\n [..]\n\n net/ipv4/ip_output.c depends on skb-\u003esk being set, and probably to an\n inet socket, not an arbitrary one.\n\n If we orphan the packet in ipvlan, then downstream things like FQ\n packet scheduler will not work properly.\n\n We need to change ip_defrag() to only use skb_orphan() when really\n needed, ie whenever frag_list is going to be used.\n\nEric suggested to stash sk in fragment queue and made an initial patch.\nHowever there is a problem with this:\n\nIf skb is refragmented again right after, ip_do_fragment() will copy\nhead-\u003esk to the new fragments, and sets up destructor to sock_wfree.\nIOW, we have no choice but to fix up sk_wmem accouting to reflect the\nfully reassembled skb, else wmem will underflow.\n\nThis change moves the orphan down into the core, to last possible moment.\nAs ip_defrag_offset is aliased with sk_buff-\u003esk member, we must move the\noffset into the FRAG_CB, else skb-\u003esk gets clobbered.\n\nThis allows to delay the orphaning long enough to learn if the skb has\nto be queued or if the skb is completing the reasm queue.\n\nIn the former case, things work as before, skb is orphaned. This is\nsafe because skb gets queued/stolen and won\u0027t continue past reasm engine.\n\nIn the latter case, we will steal the skb-\u003esk reference, reattach it to\nthe head skb, and fix up wmem accouting when inet_frag inflates truesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26921",
"url": "https://www.suse.com/security/cve/CVE-2024-26921"
},
{
"category": "external",
"summary": "SUSE Bug 1223138 for CVE-2024-26921",
"url": "https://bugzilla.suse.com/1223138"
},
{
"category": "external",
"summary": "SUSE Bug 1223139 for CVE-2024-26921",
"url": "https://bugzilla.suse.com/1223139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-26921"
},
{
"cve": "CVE-2024-26925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: release mutex after nft_gc_seq_end from abort path\n\nThe commit mutex should not be released during the critical section\nbetween nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC\nworker could collect expired objects and get the released commit lock\nwithin the same GC sequence.\n\nnf_tables_module_autoload() temporarily releases the mutex to load\nmodule dependencies, then it goes back to replay the transaction again.\nMove it at the end of the abort phase after nft_gc_seq_end() is called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26925",
"url": "https://www.suse.com/security/cve/CVE-2024-26925"
},
{
"category": "external",
"summary": "SUSE Bug 1223390 for CVE-2024-26925",
"url": "https://bugzilla.suse.com/1223390"
},
{
"category": "external",
"summary": "SUSE Bug 1224175 for CVE-2024-26925",
"url": "https://bugzilla.suse.com/1224175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2024-26925"
},
{
"cve": "CVE-2024-26928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_debug_files_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26928",
"url": "https://www.suse.com/security/cve/CVE-2024-26928"
},
{
"category": "external",
"summary": "SUSE Bug 1223532 for CVE-2024-26928",
"url": "https://bugzilla.suse.com/1223532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-26928"
},
{
"cve": "CVE-2024-26929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26929"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26929",
"url": "https://www.suse.com/security/cve/CVE-2024-26929"
},
{
"category": "external",
"summary": "SUSE Bug 1223715 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "external",
"summary": "SUSE Bug 1223716 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2024-26929"
},
{
"cve": "CVE-2024-26930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer\n\nCoverity scan reported potential risk of double free of the pointer\nha-\u003evp_map. ha-\u003evp_map was freed in qla2x00_mem_alloc(), and again freed\nin function qla2x00_mem_free(ha).\n\nAssign NULL to vp_map and kfree take care of NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26930",
"url": "https://www.suse.com/security/cve/CVE-2024-26930"
},
{
"category": "external",
"summary": "SUSE Bug 1223626 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "external",
"summary": "SUSE Bug 1223681 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2024-26930"
},
{
"cve": "CVE-2024-27398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free bugs caused by sco_sock_timeout\n\nWhen the sco connection is established and then, the sco socket\nis releasing, timeout_work will be scheduled to judge whether\nthe sco disconnection is timeout. The sock will be deallocated\nlater, but it is dereferenced again in sco_sock_timeout. As a\nresult, the use-after-free bugs will happen. The root cause is\nshown below:\n\n Cleanup Thread | Worker Thread\nsco_sock_release |\n sco_sock_close |\n __sco_sock_close |\n sco_sock_set_timer |\n schedule_delayed_work |\n sco_sock_kill | (wait a time)\n sock_put(sk) //FREE | sco_sock_timeout\n | sock_hold(sk) //USE\n\nThe KASAN report triggered by POC is shown below:\n\n[ 95.890016] ==================================================================\n[ 95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7\n...\n[ 95.890755] Workqueue: events sco_sock_timeout\n[ 95.890755] Call Trace:\n[ 95.890755] \u003cTASK\u003e\n[ 95.890755] dump_stack_lvl+0x45/0x110\n[ 95.890755] print_address_description+0x78/0x390\n[ 95.890755] print_report+0x11b/0x250\n[ 95.890755] ? __virt_addr_valid+0xbe/0xf0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_report+0x139/0x170\n[ 95.890755] ? update_load_avg+0xe5/0x9f0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_check_range+0x2c3/0x2e0\n[ 95.890755] sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] process_one_work+0x561/0xc50\n[ 95.890755] worker_thread+0xab2/0x13c0\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] kthread+0x279/0x300\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork+0x34/0x60\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork_asm+0x11/0x20\n[ 95.890755] \u003c/TASK\u003e\n[ 95.890755]\n[ 95.890755] Allocated by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] __kasan_kmalloc+0x86/0x90\n[ 95.890755] __kmalloc+0x17f/0x360\n[ 95.890755] sk_prot_alloc+0xe1/0x1a0\n[ 95.890755] sk_alloc+0x31/0x4e0\n[ 95.890755] bt_sock_alloc+0x2b/0x2a0\n[ 95.890755] sco_sock_create+0xad/0x320\n[ 95.890755] bt_sock_create+0x145/0x320\n[ 95.890755] __sock_create+0x2e1/0x650\n[ 95.890755] __sys_socket+0xd0/0x280\n[ 95.890755] __x64_sys_socket+0x75/0x80\n[ 95.890755] do_syscall_64+0xc4/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] Freed by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] kasan_save_free_info+0x40/0x50\n[ 95.890755] poison_slab_object+0x118/0x180\n[ 95.890755] __kasan_slab_free+0x12/0x30\n[ 95.890755] kfree+0xb2/0x240\n[ 95.890755] __sk_destruct+0x317/0x410\n[ 95.890755] sco_sock_release+0x232/0x280\n[ 95.890755] sock_close+0xb2/0x210\n[ 95.890755] __fput+0x37f/0x770\n[ 95.890755] task_work_run+0x1ae/0x210\n[ 95.890755] get_signal+0xe17/0xf70\n[ 95.890755] arch_do_signal_or_restart+0x3f/0x520\n[ 95.890755] syscall_exit_to_user_mode+0x55/0x120\n[ 95.890755] do_syscall_64+0xd1/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the object at ffff88800c388000\n[ 95.890755] which belongs to the cache kmalloc-1k of size 1024\n[ 95.890755] The buggy address is located 128 bytes inside of\n[ 95.890755] freed 1024-byte region [ffff88800c388000, ffff88800c388400)\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the physical page:\n[ 95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388\n[ 95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 95.890755] ano\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27398",
"url": "https://www.suse.com/security/cve/CVE-2024-27398"
},
{
"category": "external",
"summary": "SUSE Bug 1224174 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "external",
"summary": "SUSE Bug 1225013 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1225013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-27413",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27413"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi/capsule-loader: fix incorrect allocation size\n\ngcc-14 notices that the allocation with sizeof(void) on 32-bit architectures\nis not enough for a 64-bit phys_addr_t:\n\ndrivers/firmware/efi/capsule-loader.c: In function \u0027efi_capsule_open\u0027:\ndrivers/firmware/efi/capsule-loader.c:295:24: error: allocation of insufficient size \u00274\u0027 for type \u0027phys_addr_t\u0027 {aka \u0027long long unsigned int\u0027} with size \u00278\u0027 [-Werror=alloc-size]\n 295 | cap_info-\u003ephys = kzalloc(sizeof(void *), GFP_KERNEL);\n | ^\n\nUse the correct type instead here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27413",
"url": "https://www.suse.com/security/cve/CVE-2024-27413"
},
{
"category": "external",
"summary": "SUSE Bug 1224438 for CVE-2024-27413",
"url": "https://bugzilla.suse.com/1224438"
},
{
"category": "external",
"summary": "SUSE Bug 1225315 for CVE-2024-27413",
"url": "https://bugzilla.suse.com/1225315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2024-27413"
},
{
"cve": "CVE-2024-35811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach\n\nThis is the candidate patch of CVE-2023-47233 :\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-47233\n\nIn brcm80211 driver,it starts with the following invoking chain\nto start init a timeout worker:\n\n-\u003ebrcmf_usb_probe\n -\u003ebrcmf_usb_probe_cb\n -\u003ebrcmf_attach\n -\u003ebrcmf_bus_started\n -\u003ebrcmf_cfg80211_attach\n -\u003ewl_init_priv\n -\u003ebrcmf_init_escan\n -\u003eINIT_WORK(\u0026cfg-\u003eescan_timeout_work,\n\t\t brcmf_cfg80211_escan_timeout_worker);\n\nIf we disconnect the USB by hotplug, it will call\nbrcmf_usb_disconnect to make cleanup. The invoking chain is :\n\nbrcmf_usb_disconnect\n -\u003ebrcmf_usb_disconnect_cb\n -\u003ebrcmf_detach\n -\u003ebrcmf_cfg80211_detach\n -\u003ekfree(cfg);\n\nWhile the timeout woker may still be running. This will cause\na use-after-free bug on cfg in brcmf_cfg80211_escan_timeout_worker.\n\nFix it by deleting the timer and canceling the worker in\nbrcmf_cfg80211_detach.\n\n[arend.vanspriel@broadcom.com: keep timer delete as is and cancel work just before free]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35811",
"url": "https://www.suse.com/security/cve/CVE-2024-35811"
},
{
"category": "external",
"summary": "SUSE Bug 1224592 for CVE-2024-35811",
"url": "https://bugzilla.suse.com/1224592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-35811"
},
{
"cve": "CVE-2024-35815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion\n\nThe first kiocb_set_cancel_fn() argument may point at a struct kiocb\nthat is not embedded inside struct aio_kiocb. With the current code,\ndepending on the compiler, the req-\u003eki_ctx read happens either before\nthe IOCB_AIO_RW test or after that test. Move the req-\u003eki_ctx read such\nthat it is guaranteed that the IOCB_AIO_RW test happens first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35815",
"url": "https://www.suse.com/security/cve/CVE-2024-35815"
},
{
"category": "external",
"summary": "SUSE Bug 1224685 for CVE-2024-35815",
"url": "https://bugzilla.suse.com/1224685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-35815"
},
{
"cve": "CVE-2024-35817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35817"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag\n\nOtherwise after the GTT bo is released, the GTT and gart space is freed\nbut amdgpu_ttm_backend_unbind will not clear the gart page table entry\nand leave valid mapping entry pointing to the stale system page. Then\nif GPU access the gart address mistakely, it will read undefined value\ninstead page fault, harder to debug and reproduce the real issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35817",
"url": "https://www.suse.com/security/cve/CVE-2024-35817"
},
{
"category": "external",
"summary": "SUSE Bug 1224736 for CVE-2024-35817",
"url": "https://bugzilla.suse.com/1224736"
},
{
"category": "external",
"summary": "SUSE Bug 1225313 for CVE-2024-35817",
"url": "https://bugzilla.suse.com/1225313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2024-35817"
},
{
"cve": "CVE-2024-35863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in is_valid_oplock_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35863",
"url": "https://www.suse.com/security/cve/CVE-2024-35863"
},
{
"category": "external",
"summary": "SUSE Bug 1224763 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "external",
"summary": "SUSE Bug 1225011 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1225011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2024-35863"
},
{
"cve": "CVE-2024-35867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35867",
"url": "https://www.suse.com/security/cve/CVE-2024-35867"
},
{
"category": "external",
"summary": "SUSE Bug 1224664 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "external",
"summary": "SUSE Bug 1225012 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1225012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2024-35867"
},
{
"cve": "CVE-2024-35868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_write()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35868",
"url": "https://www.suse.com/security/cve/CVE-2024-35868"
},
{
"category": "external",
"summary": "SUSE Bug 1224678 for CVE-2024-35868",
"url": "https://bugzilla.suse.com/1224678"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-35868"
},
{
"cve": "CVE-2024-35895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Prevent lock inversion deadlock in map delete elem\n\nsyzkaller started using corpuses where a BPF tracing program deletes\nelements from a sockmap/sockhash map. Because BPF tracing programs can be\ninvoked from any interrupt context, locks taken during a map_delete_elem\noperation must be hardirq-safe. Otherwise a deadlock due to lock inversion\nis possible, as reported by lockdep:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026htab-\u003ebuckets[i].lock);\n local_irq_disable();\n lock(\u0026host-\u003elock);\n lock(\u0026htab-\u003ebuckets[i].lock);\n \u003cInterrupt\u003e\n lock(\u0026host-\u003elock);\n\nLocks in sockmap are hardirq-unsafe by design. We expects elements to be\ndeleted from sockmap/sockhash only in task (normal) context with interrupts\nenabled, or in softirq context.\n\nDetect when map_delete_elem operation is invoked from a context which is\n_not_ hardirq-unsafe, that is interrupts are disabled, and bail out with an\nerror.\n\nNote that map updates are not affected by this issue. BPF verifier does not\nallow updating sockmap/sockhash from a BPF tracing program today.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35895",
"url": "https://www.suse.com/security/cve/CVE-2024-35895"
},
{
"category": "external",
"summary": "SUSE Bug 1224511 for CVE-2024-35895",
"url": "https://bugzilla.suse.com/1224511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-35895"
},
{
"cve": "CVE-2024-35904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: avoid dereference of garbage after mount failure\n\nIn case kern_mount() fails and returns an error pointer return in the\nerror branch instead of continuing and dereferencing the error pointer.\n\nWhile on it drop the never read static variable selinuxfs_mount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35904",
"url": "https://www.suse.com/security/cve/CVE-2024-35904"
},
{
"category": "external",
"summary": "SUSE Bug 1224494 for CVE-2024-35904",
"url": "https://bugzilla.suse.com/1224494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-35904"
},
{
"cve": "CVE-2024-35905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Protect against int overflow for stack access size\n\nThis patch re-introduces protection against the size of access to stack\nmemory being negative; the access size can appear negative as a result\nof overflowing its signed int representation. This should not actually\nhappen, as there are other protections along the way, but we should\nprotect against it anyway. One code path was missing such protections\n(fixed in the previous patch in the series), causing out-of-bounds array\naccesses in check_stack_range_initialized(). This patch causes the\nverification of a program with such a non-sensical access size to fail.\n\nThis check used to exist in a more indirect way, but was inadvertendly\nremoved in a833a17aeac7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35905",
"url": "https://www.suse.com/security/cve/CVE-2024-35905"
},
{
"category": "external",
"summary": "SUSE Bug 1224488 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1224488"
},
{
"category": "external",
"summary": "SUSE Bug 1226327 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1226327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "important"
}
],
"title": "CVE-2024-35905"
},
{
"cve": "CVE-2024-35914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: Fix error cleanup path in nfsd_rename()\n\nCommit a8b0026847b8 (\"rename(): avoid a deadlock in the case of parents\nhaving no common ancestor\") added an error bail out path. However this\npath does not drop the remount protection that has been acquired. Fix\nthe cleanup path to properly drop the remount protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35914",
"url": "https://www.suse.com/security/cve/CVE-2024-35914"
},
{
"category": "external",
"summary": "SUSE Bug 1224482 for CVE-2024-35914",
"url": "https://bugzilla.suse.com/1224482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-35914"
},
{
"cve": "CVE-2024-36926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: LPAR panics during boot up with a frozen PE\n\nAt the time of LPAR boot up, partition firmware provides Open Firmware\nproperty ibm,dma-window for the PE. This property is provided on the PCI\nbus the PE is attached to.\n\nThere are execptions where the partition firmware might not provide this\nproperty for the PE at the time of LPAR boot up. One of the scenario is\nwhere the firmware has frozen the PE due to some error condition. This\nPE is frozen for 24 hours or unless the whole system is reinitialized.\n\nWithin this time frame, if the LPAR is booted, the frozen PE will be\npresented to the LPAR but ibm,dma-window property could be missing.\n\nToday, under these circumstances, the LPAR oopses with NULL pointer\ndereference, when configuring the PCI bus the PE is attached to.\n\n BUG: Kernel NULL pointer dereference on read at 0x000000c8\n Faulting instruction address: 0xc0000000001024c0\n Oops: Kernel access of bad area, sig: 7 [#1]\n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA pSeries\n Modules linked in:\n Supported: Yes\n CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.4.0-150600.9-default #1\n Hardware name: IBM,9043-MRX POWER10 (raw) 0x800200 0xf000006 of:IBM,FW1060.00 (NM1060_023) hv:phyp pSeries\n NIP: c0000000001024c0 LR: c0000000001024b0 CTR: c000000000102450\n REGS: c0000000037db5c0 TRAP: 0300 Not tainted (6.4.0-150600.9-default)\n MSR: 8000000002009033 \u003cSF,VEC,EE,ME,IR,DR,RI,LE\u003e CR: 28000822 XER: 00000000\n CFAR: c00000000010254c DAR: 00000000000000c8 DSISR: 00080000 IRQMASK: 0\n ...\n NIP [c0000000001024c0] pci_dma_bus_setup_pSeriesLP+0x70/0x2a0\n LR [c0000000001024b0] pci_dma_bus_setup_pSeriesLP+0x60/0x2a0\n Call Trace:\n pci_dma_bus_setup_pSeriesLP+0x60/0x2a0 (unreliable)\n pcibios_setup_bus_self+0x1c0/0x370\n __of_scan_bus+0x2f8/0x330\n pcibios_scan_phb+0x280/0x3d0\n pcibios_init+0x88/0x12c\n do_one_initcall+0x60/0x320\n kernel_init_freeable+0x344/0x3e4\n kernel_init+0x34/0x1d0\n ret_from_kernel_user_thread+0x14/0x1c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36926",
"url": "https://www.suse.com/security/cve/CVE-2024-36926"
},
{
"category": "external",
"summary": "SUSE Bug 1225829 for CVE-2024-36926",
"url": "https://bugzilla.suse.com/1225829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.82.1.noarch",
"openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.82.1.x86_64",
"openSUSE Leap Micro 5.4:kernel-rt-5.14.21-150400.15.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-12T16:39:51Z",
"details": "moderate"
}
],
"title": "CVE-2024-36926"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…