SUSE-SU-2024:1659-1

Advisory lineage Upstream: 218 Downstream: 0

Upstream

CVE-2021-47047 CVE-2021-47181 CVE-2021-47182 CVE-2021-47183 CVE-2021-47184 CVE-2021-47185

Published: 15 May 2024, 09:29

Last modified:02 May 2025, 04:32

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

15 May 2024, 09:29

Published

Vulnerability first disclosed

02 May 2025, 04:32

Last Modified

Vulnerability information updated

Description

Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-26760: Fixed scsi/target/pscsi bio_put() for error case (bsc#1222596). - CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705). - CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834). - CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822). - CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827). - CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). - CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in amdgpu_dm_fini() (bsc#1223714). - CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree() (bsc#1223821). - CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816). - CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790). - CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735). - CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745). - CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693). - CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634). - CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table arrays (bsc#1223644). - CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table arrays (bsc#1223645). - CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table arrays (bsc#1223646). - CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table arrays (bsc#1223648). - CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655). - CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list (bsc#1223660). - CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661). - CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664). - CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch (bsc#1223525). - CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198). - CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042). - CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC transport cleanup path (bsc#1223196). - CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190). - CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189). - CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035). - CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034). - CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041). - CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps (bsc#1223066). - CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060). - CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spi_controller_put call (bsc#1223024). - CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111). - CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter (bsc#1223076). - CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058). - CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry (bsc#1223052). - CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051). - CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061). - CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057). - CVE-2024-26848: Fixed afs endless loop in directory parsing (bsc#1223030). - CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968). - CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012). - CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812). - CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624). - CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801). - CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630). - CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428). - CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615). - CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618). - CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613). - CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610) - CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726). - CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721). - CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720). - CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632). - CVE-2024-26751: Fixed ARM/ep93xx terminator to gpiod_lookup_table (bsc#1222724). - CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449). - CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677). - CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557). - CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585). - CVE-2024-26727: Fixed assertion if a newly created btrfs subvolume already gets read (bsc#1222536). - CVE-2024-26718: Fixed dm-crypt/dm-verity disable tasklets (bsc#1222416). - CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422). - CVE-2024-26696: Fixed nilfs2 hang in nilfs_lookup_dirty_data_buffers() (bsc#1222549). - CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). - CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435). - CVE-2024-26685: Fixed nilfs2 potential bug in end_buffer_async_write (bsc#1222437). - CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445). - CVE-2024-26681: Fixed netdevsim to avoid potential loop in nsim_dev_trap_report_work() (bsc#1222431). - CVE-2024-26680: Fixed net/atlantic DMA mapping for PTP hwts ring (bsc#1222427). - CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379). - CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368). - CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357). - CVE-2024-26660: Fixed drm/amd/display bounds check for stream encoder creation (bsc#1222266). - CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307). - CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299). - CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342). - CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). - CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104). - CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). - CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). - CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264). - CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917). - CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). - CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686). - CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033). - CVE-2023-52636: Fixed libceph cursor init when preparing sparse read in msgr2 (bsc#1222247). - CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294). - CVE-2023-52627: Fixed iio:adc:ad7091r exports into IIO_AD7091R namespace (bsc#1222051). - CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825). - CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612). - CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617). - CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in wfx_set_mfp_ap() (bsc#1221042). - CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). - CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088). - CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084). - CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in amdgpu_ras_query_error_status_helper() (bsc#1221080). - CVE-2023-52561: Fixed arm64/dts/qcom/sdm845-db845c to mark cont splash memory region (bsc#1220935). - CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915). - CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap functions for FIFO (bsc#1221162). - CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505). - CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails (bsc#1223498). - CVE-2022-48658: Fixed mm/slub to avoid a problem in flush_cpu_slab()/__free_slab() task context (bsc#1223496). - CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). - CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at nf_tables_addchain() (bsc#1223478). - CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in bond_rr_gen_slave_id (bsc#1223499). - CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475). - CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in hugetlb_mcopy_atomic_pte() (bsc#1222710). - CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878) - CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within drm_gem_ttm_mmap() and drm_gem_ttm_mmap() (bsc#1222838). - CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832). - CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706). - CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669). - CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664). - CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662). - CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660). The following non-security bugs were fixed: - ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes). - ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes). - ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes). - ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes). - ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes). - ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes). - ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes). - ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes). - ALSA: scarlett2: Add correct product series name to messages (stable-fixes). - ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes). - ALSA: scarlett2: Default mixer driver to enabled (stable-fixes). - ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes). - ASoC: meson: axg-card: make links nonatomic (git-fixes). - ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes). - ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes). - ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes). - ASoC: tegra: Fix DSPK 16-bit playback (git-fixes). - ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes). - Bluetooth: Add new quirk for broken read key length on ATS2851 (git-fixes). - Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes). - Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes). - Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes). - Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes). - Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes). - Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes). - Bluetooth: add quirk for broken address properties (git-fixes). - Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes). - Bluetooth: btintel: Fixe build regression (git-fixes). - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes). - Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes). - Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes). - Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes). - Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes). - Documentation: Add missing documentation for EXPORT_OP flags (stable-fixes). - HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes). - HID: logitech-dj: allow mice to use all types of reports (git-fixes). - HID: uhid: Use READ_ONCE()/WRITE_ONCE() for ->running (stable-fixes). - Input: synaptics-rmi4 - fail probing if memory allocation for 'phys' fails (stable-fixes). - NFC: trf7970a: disable all regulators on removal (git-fixes). - NFS: avoid spurious warning of lost lock that is being unlocked (bsc#1221791). - PCI/AER: Block runtime suspend when handling errors (git-fixes). - PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports (git-fixes). - PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (git-fixes). - PCI/DPC: Quirk PIO log size for certain Intel Root Ports (git-fixes). - PCI/PM: Drain runtime-idle callbacks before driver removal (git-fixes). - PCI: Drop pci_device_remove() test of pci_dev->driver (git-fixes). - PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888). - RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619). - RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes). - RDMA/cm: add timeout to cm_destroy_id wait (git-fixes) - Reapply 'drm/qxl: simplify qxl_fence_wait' (stable-fixes). - Revert 'ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default' (stable-fixes). - Revert 'drm/qxl: simplify qxl_fence_wait' (git-fixes). - Revert 'ice: Fix ice VF reset during iavf initialization (jsc#PED-376).' (bsc#1223275) - Revert 'usb: cdc-wdm: close race between read and workqueue' (git-fixes). - Revert 'usb: phy: generic: Get the vbus supply' (git-fixes). - USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes). - USB: serial: add device ID for VeriFone adapter (stable-fixes). - USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes). - USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes). - USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes). - USB: serial: option: add Fibocom FM135-GL variants (stable-fixes). - USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes). - USB: serial: option: add MeiG Smart SLM320 product (stable-fixes). - USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes). - USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes). - USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes). - USB: serial: option: support Quectel EM060K sub-models (stable-fixes). - ahci: asm1064: asm1166: do not limit reported ports (git-fixes). - ahci: asm1064: correct count of reported ports (stable-fixes). - arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes) - arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes) - arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes) - arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes) - arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes) - arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes) - arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes) - arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes). - ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes). - batman-adv: Avoid infinite loop trying to resize local TT (git-fixes). - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent (git-fixes). - bcache: Remove dead references to cache_readaheads (git-fixes). - bcache: Remove unnecessary NULL point check in node allocations (git-fixes). - bcache: add code comments for bch_btree_node_get() and __bch_btree_node_alloc() (git-fixes). - bcache: avoid NULL checking to c->root in run_cache_set() (git-fixes). - bcache: avoid oversize memory allocation by small stripe_size (git-fixes). - bcache: bset: Fix comment typos (git-fixes). - bcache: check return value from btree_node_alloc_replacement() (git-fixes). - bcache: fix NULL pointer reference in cached_dev_detach_finish (git-fixes). - bcache: fix error info in register_bcache() (git-fixes). - bcache: fixup bcache_dev_sectors_dirty_add() multithreaded CPU false sharing (git-fixes). - bcache: fixup btree_cache_wait list damage (git-fixes). - bcache: fixup init dirty data errors (git-fixes). - bcache: fixup lock c->root error (git-fixes). - bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up race (git-fixes). - bcache: move calc_cached_dev_sectors to proper place on backing device detach (git-fixes). - bcache: move uapi header bcache.h to bcache code directory (git-fixes). - bcache: prevent potential division by zero error (git-fixes). - bcache: remove EXPERIMENTAL for Kconfig option 'Asynchronous device registration' (git-fixes). - bcache: remove redundant assignment to variable cur_idx (git-fixes). - bcache: remove the backing_dev_name field from struct cached_dev (git-fixes). - bcache: remove the cache_dev_name field from struct cache (git-fixes). - bcache: remove unnecessary flush_workqueue (git-fixes). - bcache: remove unused bch_mark_cache_readahead function def in stats.h (git-fixes). - bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in btree_gc_coalesce() (git-fixes). - bcache: replace snprintf in show functions with sysfs_emit (git-fixes). - bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes). - bcache: use bvec_kmap_local in bch_data_verify (git-fixes). - bcache: use bvec_kmap_local in bio_csum (git-fixes). - bcache: use default_groups in kobj_type (git-fixes). - bcache:: fix repeated words in comments (git-fixes). - ceph: stop copying to iter at EOF on sync reads (bsc#1223068). - ceph: switch to corrected encoding of max_xattr_size in mdsmap (bsc#1223067). - clk: Get runtime PM before walking tree during disable_unused (git-fixes). - clk: Initialize struct clk_core kref earlier (stable-fixes). - clk: Mark 'all_lists' as const (stable-fixes). - clk: Print an info line before disabling unused clocks (stable-fixes). - clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes). - clk: remove extra empty line (stable-fixes). - comedi: vmk80xx: fix incomplete endpoint checking (git-fixes). - dm cache policy smq: ensure IO does not prevent cleaner policy progress (git-fixes). - dm cache: add cond_resched() to various workqueue loops (git-fixes). - dm clone: call kmem_cache_destroy() in dm_clone_init() error path (git-fixes). - dm crypt: add cond_resched() to dmcrypt_write() (git-fixes). - dm crypt: avoid accessing uninitialized tasklet (git-fixes). - dm flakey: do not corrupt the zero page (git-fixes). - dm flakey: fix a bug with 32-bit highmem systems (git-fixes). - dm flakey: fix a crash with invalid table line (git-fixes). - dm flakey: fix logic when corrupting a bio (git-fixes). - dm init: add dm-mod.waitfor to wait for asynchronously probed block devices (git-fixes). - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path (git-fixes). - dm integrity: fix out-of-range warning (git-fixes). - dm integrity: reduce vmalloc space footprint on 32-bit architectures (git-fixes). - dm raid: clean up four equivalent goto tags in raid_ctr() (git-fixes). - dm raid: fix false positive for requeue needed during reshape (git-fixes). - dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths (git-fixes). - dm stats: check for and propagate alloc_percpu failure (git-fixes). - dm thin metadata: Fix ABBA deadlock by resetting dm_bufio_client (git-fixes). - dm thin metadata: check fail_io before using data_sm (git-fixes). - dm thin: add cond_resched() to various workqueue loops (git-fixes). - dm thin: fix deadlock when swapping to thin device (bsc#1177529). - dm verity: do not perform FEC for failed readahead IO (git-fixes). - dm verity: fix error handling for check_at_most_once on FEC (git-fixes). - dm zoned: free dmz->ddev array in dmz_put_zoned_devices (git-fixes). - dm-delay: fix a race between delay_presuspend and delay_bio (git-fixes). - dm-integrity: do not modify bio's immutable bio_vec in integrity_metadata() (git-fixes). - dm-raid: fix lockdep waring in 'pers->hot_add_disk' (git-fixes). - dm-verity, dm-crypt: align 'struct bvec_iter' correctly (git-fixes). - dm-verity: align struct dm_verity_fec_io properly (git-fixes). - dm: add cond_resched() to dm_wq_work() (git-fixes). - dm: call the resume method on internal suspend (git-fixes). - dm: do not lock fs when the map is NULL during suspend or resume (git-fixes). - dm: do not lock fs when the map is NULL in process of resume (git-fixes). - dm: remove flush_scheduled_work() during local_exit() (git-fixes). - dm: send just one event on resize, not two (git-fixes). - dma: xilinx_dpdma: Fix locking (git-fixes). - dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes). - dmaengine: owl: fix register access functions (git-fixes). - dmaengine: tegra186: Fix residual calculation (git-fixes). - docs: Document the FAN_FS_ERROR event (stable-fixes). - drm-print: add drm_dbg_driver to improve namespace symmetry (stable-fixes). - drm/amd/display: Do not recursively call manual trigger programming (stable-fixes). - drm/amd/display: Fix nanosec stat overflow (stable-fixes). - drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes). - drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes). - drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes). - drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes). - drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes). - drm/amdgpu: always force full reset for SOC21 (stable-fixes). - drm/amdgpu: fix incorrect active rb bitmap for gfx11 (stable-fixes). - drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes). - drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes). - drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes). - drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes). - drm/ast: Fix soft lockup (git-fixes). - drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-fixes). - drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes). - drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes). - drm/i915: Disable port sync when bigjoiner is used (stable-fixes). - drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes). - drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834) - drm/panel: ili9341: Respect deferred probe (git-fixes). - drm/panel: ili9341: Use predefined error codes (git-fixes). - drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes). - drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes). - drm/vmwgfx: Enable DMA mappings with SEV (git-fixes). - drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes). - drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes). - drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes). - drm: nv04: Fix out of bounds access (git-fixes). - drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes). - drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go (stable-fixes). - dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574). - fbdev: fix incorrect address computation in deferred IO (git-fixes). - fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes). - fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes). - fix build warning - fuse: do not unhash root (bsc#1223951). - fuse: fix root lookup with nonzero generation (bsc#1223950). - hwmon: (amc6821) add of_match table (stable-fixes). - i2c: pxa: hide unused icr_bits[] variable (git-fixes). - i2c: smbus: fix NULL function pointer dereference (git-fixes). - i40e: Fix VF MAC filter removal (git-fixes). - idma64: Do not try to serve interrupts when device is powered off (git-fixes). - iio: accel: mxc4005: Interrupt handling fixes (git-fixes). - iio:imu: adis16475: Fix sync mode setting (git-fixes). - init/main.c: Fix potential static_command_line memory overflow (git-fixes). - iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter (git-fixes). - iommu/amd: Fix 'Guest Virtual APIC Table Root Pointer' configuration in IRTE (git-fixes). - iommu/amd: Fix domain flush size when syncing iotlb (git-fixes). - iommu/amd: Fix error handling for pdev_pri_ats_enable() (git-fixes). - iommu/arm-smmu-qcom: Limit the SMR groups to 128 (git-fixes). - iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any (git-fixes). - iommu/fsl: fix all kernel-doc warnings in fsl_pamu.c (git-fixes). - iommu/iova: Fix alloc iova overflows issue (git-fixes). - iommu/mediatek: Flush IOTLB completely only if domain has been attached (git-fixes). - iommu/rockchip: Fix unwind goto issue (git-fixes). - iommu/sprd: Release dma buffer to avoid memory leak (git-fixes). - iommu/vt-d: Allocate local memory for page request queue (git-fixes). - iommu/vt-d: Allow zero SAGAW if second-stage not supported (git-fixes). - iommu/vt-d: Fix error handling in sva enable/disable paths (git-fixes). - iommu: Fix error unwind in iommu_group_alloc() (git-fixes). - ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes). - kABI: Adjust trace_iterator.wait_index (git-fixes). - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes). - libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return value (git-fixes). - libnvdimm/region: Allow setting align attribute on regions without mappings (git-fixes). - livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539). - md/raid1: fix choose next idle in read_balance() (git-fixes). - md: Do not clear MD_CLOSING when the raid is about to stop (git-fixes). - md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (git-fixes). - media: cec: core: remove length check of Timer Status (stable-fixes). - media: sta2x11: fix irq handler cast (stable-fixes). - mei: me: add arrow lake point H DID (stable-fixes). - mei: me: add arrow lake point S DID (stable-fixes). - mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes). - mm/vmscan: make sure wakeup_kswapd with managed zone (bsc#1223473). - mmc: sdhci-msm: pervent access to suspended controller (git-fixes). - mtd: diskonchip: work around ubsan link failure (stable-fixes). - nd_btt: Make BTT lanes preemptible (git-fixes). - net: bridge: vlan: fix memory leak in __allowed_ingress (git-fixes). - net: fix a memleak when uncloning an skb dst and its metadata (git-fixes). - net: fix skb leak in __skb_tstamp_tx() (git-fixes). - net: ipv6: ensure we call ipv6_mc_down() at most once (git-fixes). - net: mld: fix reference count leak in mld_{query | report}_work() (git-fixes). - net: stream: purge sk_error_queue in sk_stream_kill_queues() (git-fixes). - net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes). - net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes). - net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes). - net: vlan: fix underflow for the real_dev refcnt (git-fixes). - netfilter: br_netfilter: Drop dst references before setting (git-fixes). - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() (git-fixes). - netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes). - nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408). - nilfs2: fix OOB in nilfs_set_de_type (git-fixes). - nilfs2: fix OOB in nilfs_set_de_type (git-fixes). - nouveau: fix function cast warning (git-fixes). - nouveau: fix instmem race condition around ptr stores (git-fixes). - nvdimm/namespace: drop nested variable in create_namespace_pmem() (git-fixes). - nvdimm: Allow overwrite in the presence of disabled dimms (git-fixes). - nvdimm: Fix badblocks clear off-by-one error (git-fixes). - nvdimm: Fix dereference after free in register_nvdimm_pmu() (git-fixes). - nvdimm: Fix firmware activation deadlock scenarios (git-fixes). - nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() (git-fixes). - pci_iounmap(): Fix MMIO mapping leak (git-fixes). - phy: tegra: xusb: Add API to retrieve the port number of phy (stable-fixes). - pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes). - platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes). - powerpc/kasan: Do not instrument non-maskable or raw interrupts (bsc#1223191). - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - powerpc/rtas: define pr_fmt and convert printk call sites (bsc#1223369 ltc#205888). - powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369 ltc#205888). - powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191). - powerpc: Refactor verification of MSR_RI (bsc#1223191). - printk: Add this_cpu_in_panic() (bsc#1223574). - printk: Adjust mapping for 32bit seq macros (bsc#1223574). - printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1223574). - printk: Disable passing console lock owner completely during panic() (bsc#1223574). - printk: Drop console_sem during panic (bsc#1223574). - printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1223574). - printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1223574). - printk: Wait for all reserved records with pr_flush() (bsc#1223574). - printk: nbcon: Relocate 32bit seq macros (bsc#1223574). - printk: ringbuffer: Clarify special lpos values (bsc#1223574). - printk: ringbuffer: Cleanup reader terminology (bsc#1223574). - printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1223574). - printk: ringbuffer: Improve prb_next_seq() performance (bsc#1223574). - printk: ringbuffer: Skip non-finalized records in panic (bsc#1223574). - pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes). - ring-buffer: Do not set shortest_full when full target is hit (git-fixes). - ring-buffer: Fix full_waiters_pending in poll (git-fixes). - ring-buffer: Fix resetting of shortest_full (git-fixes). - ring-buffer: Fix waking up ring buffer readers (git-fixes). - ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes). - ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes). - ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes). - s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223875). - s390/decompressor: fix misaligned symbol build error (git-fixes bsc#1223785). - s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223877). - s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223878). - s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223879). - s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784). - s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223876). - s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598). - s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223595). - serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes). - serial: core: Provide port lock wrappers (stable-fixes). - serial: core: fix kernel-doc for uart_port_unlock_irqrestore() (git-fixes). - serial: mxs-auart: add spinlock around changing cts state (git-fixes). - slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes). - speakup: Avoid crash on very long word (git-fixes). - speakup: Fix 8bit characters from direct synth (git-fixes). - tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp (git-fixes). - thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes). - thunderbolt: Fix wake configurations after device unplug (stable-fixes). - tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes). - tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes). - tracing: Have saved_cmdlines arrays all in one allocation (git-fixes). - tracing: Remove precision vsnprintf() check from print event (git-fixes). - tracing: Show size of requested perf buffer (git-fixes). - tracing: Use .flush() call to wake up readers (git-fixes). - usb: Disable USB3 LPM at shutdown (stable-fixes). - usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (git-fixes). - usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes). - usb: gadget: composite: fix OS descriptors w_value logic (git-fixes). - usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes). - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes). - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (git-fixes). - usb: ohci: Prevent missed ohci interrupts (git-fixes). - usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes). - usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes). - usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes). - usb: typec: tcpm: unregister existing source caps before re-registration (bsc#1220569). - usb: typec: ucsi: Ack unsupported commands (stable-fixes). - usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes). - usb: typec: ucsi: Fix connector check on init (git-fixes). - usb: udc: remove warning when queue disabled ep (stable-fixes). - vdpa/mlx5: Allow CVQ size changes (git-fixes). - virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223949). - wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes). - wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes). - wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes). - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes). - wifi: nl80211: do not free NULL coalescing rule (git-fixes). - x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes). - x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type (jsc#PED-7167 git-fixes). - x86/sev: Skip ROM range scans and validation for SEV-SNP guests (jsc#PED-7167 git-fixes). - x86/xen: Add some null pointer checking to smp.c (git-fixes). - x86/xen: add CPU dependencies for 32-bit build (git-fixes). - x86/xen: fix percpu vcpu_info allocation (git-fixes). - xen-netback: properly sync TX responses (git-fixes). - xen-netfront: Add missing skb_mark_for_recycle (git-fixes). - xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import (git-fixes). - xen/xenbus: document will_handle argument for xenbus_watch_path() (git-fixes). - xfrm6: fix inet6_dev refcount underflow problem (git-fixes).

Affected Systems

opensuse•dtb-aarch64&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.62.1
opensuse•kernel-64kb&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.62.2
opensuse•kernel-debug&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.62.2
opensuse•kernel-default-base&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.62.2.150500.6.27.2
opensuse•kernel-default&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.62.2
opensuse•kernel-docs&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.62.2
opensuse•kernel-kvmsmall&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.62.2
opensuse•kernel-obs-build&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.62.2
opensuse•kernel-obs-qa&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.62.1
opensuse•kernel-source&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.62.2
opensuse•kernel-syms&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.62.1
opensuse•kernel-zfcpdump&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.62.2
suse•kernel-64kb&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5
< 5.14.21-150500.55.62.2
suse•kernel-default-base&distro=SUSE Linux Enterprise Micro 5.5
< 5.14.21-150500.55.62.2.150500.6.27.2
suse•kernel-default-base&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5
< 5.14.21-150500.55.62.2.150500.6.27.2
suse•kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP5
< 5.14.21-150500.55.62.2
suse•kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5
< 5.14.21-150500.55.62.2
suse•kernel-default&distro=SUSE Linux Enterprise Micro 5.5
< 5.14.21-150500.55.62.2
suse•kernel-default&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5
< 5.14.21-150500.55.62.2
suse•kernel-default&distro=SUSE Linux Enterprise Module for Legacy 15 SP5
< 5.14.21-150500.55.62.2
suse•kernel-default&distro=SUSE Linux Enterprise Workstation Extension 15 SP5
< 5.14.21-150500.55.62.2
suse•kernel-docs&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5
< 5.14.21-150500.55.62.2
suse•kernel-livepatch-SLE15-SP5_Update_13&distro=SUSE Linux Enterprise Live Patching 15 SP5
< 1-150500.11.3.2
suse•kernel-obs-build&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5
< 5.14.21-150500.55.62.2
suse•kernel-source&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5
< 5.14.21-150500.55.62.2
suse•kernel-source&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5
< 5.14.21-150500.55.62.2
suse•kernel-syms&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5
< 5.14.21-150500.55.62.1
suse•kernel-zfcpdump&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5
< 5.14.21-150500.55.62.2

SUSE-SU-2024:1659-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (466)