SUSE-SU-2024:2190-1

Advisory lineage Upstream: 557 Downstream: 0

Upstream

CVE-2020-36788 CVE-2021-4148 CVE-2021-43527 CVE-2021-47358 CVE-2021-47359 CVE-2021-47360

Published: 25 Jun 2024, 08:50

Last modified:04 Feb 2026, 03:07

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

25 Jun 2024, 08:50

Published

Vulnerability first disclosed

04 Feb 2026, 03:07

Last Modified

Vulnerability information updated

Description

Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47548: Fixed a possible array out-of=bounds (bsc#1225506) - CVE-2022-48689: Fixed data-race in lru_add_fn (bsc#1223959) - CVE-2022-48691: Fixed memory leak in netfilter (bsc#1223961) - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335). - CVE-2023-42755: Check user supplied offsets (bsc#1215702). - CVE-2023-52586: Fixed mutex lock in control vblank irq (bsc#1221081). - CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615). - CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169). - CVE-2023-52656: Dropped any code related to SCM_RIGHTS (bsc#1224187). - CVE-2023-52660: Fiedx IRQ handling due to shared interrupts (bsc#1224443). - CVE-2023-52664: Eliminate double free in error handling logic (bsc#1224747). - CVE-2023-52671: Fixed hang/underflow when transitioning to ODM4:1 (bsc#1224729). - CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727). - CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608). - CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config() (bsc#1224628). - CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (bsc#1224621) - CVE-2023-52746: Prevent potential spectre v1 gadget in xfrm_xlate32_attr() (bsc#1225114) - CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548). - CVE-2023-52795: Fixed use after free in vhost_vdpa_probe() (bsc#1225085). - CVE-2023-52796: Add ipvlan_route_v6_outbound() helper (bsc#1224930). - CVE-2023-52807: Fixed out-of-bounds access may occur when coalesce info is read via debugfs (bsc#1225097). - CVE-2023-52860: Fixed null pointer dereference in hisi_hns3 (bsc#1224936). - CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447). - CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). - CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829). - CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385). - CVE-2024-26692: Fixed regression in writes when non-standard maximum write size negotiated (bsc#1222464). - CVE-2024-26700: Fixed drm/amd/display: Fix MST Null Ptr for RV (bsc#1222870) - CVE-2024-26715: Fixed NULL pointer dereference in dwc3_gadget_suspend (bsc#1222561). - CVE-2024-26742: Fixed disable_managed_interrupts (git-fixes bsc#1222608). - CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627). - CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765) - CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770) - CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793) - CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011). - CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084). - CVE-2024-26839: Fixed a memleak in init_credit_return() (bsc#1222975) - CVE-2024-26876: Fixed crash on irq during probe (bsc#1223119). - CVE-2024-26900: Fixed kmemleak of rdev->serial (bsc#1223046). - CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203). - CVE-2024-26915: Reset IH OVERFLOW_CLEAR bit (bsc#1223207) - CVE-2024-26919: Fixed debugfs directory leak (bsc#1223847). - CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138). - CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390). - CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532). - CVE-2024-26939: Fixed UAF on destroy against retire race (bsc#1223679). - CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653). - CVE-2024-27042: Fixed potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()' (bsc#1223823). - CVE-2024-27395: Fixed Use-After-Free in ovs_ct_exit (bsc#1224098). - CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096). - CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174). - CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181). - CVE-2024-27413: Fixed incorrect allocation size (bsc#1224438). - CVE-2024-27417: Fixed potential 'struct net' leak in inet6_rtm_getaddr() (bsc#1224721) - CVE-2024-27419: Fixed data-races around sysctl_net_busy_read (bsc#1224759) - CVE-2024-27431: Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718). - CVE-2024-35791: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (bsc#1224725). - CVE-2024-35799: Prevent crash when disable stream (bsc#1224740). - CVE-2024-35804: Mark target gfn of emulated atomic instruction as dirty (bsc#1224638). - CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1224736). - CVE-2024-35852: Fixed memory leak when canceling rehash work (bsc#1224502). - CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636). - CVE-2024-35860: Struct bpf_link and bpf_link_ops kABI workaround (bsc#1224531). - CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766). - CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764). - CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763). - CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765,). - CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668). - CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667). - CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664). - CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678). - CVE-2024-35869: Guarantee refcounted children from parent session (bsc#1224679). - CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224020, bsc#1224672). - CVE-2024-35872: Fixed GUP-fast succeeding on secretmem folios (bsc#1224530). - CVE-2024-35875: Require seeding RNG with RDRAND on CoCo systems (bsc#1224665). - CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525). - CVE-2024-35878: Prevent NULL pointer dereference in vsnprintf() (bsc#1224671). - CVE-2024-35879: kABI workaround for drivers/of/dynamic.c (bsc#1224524). - CVE-2024-35885: Stop interface during shutdown (bsc#1224519). - CVE-2024-35904: Fixed dereference of garbage after mount failure (bsc#1224494). - CVE-2024-35905: Fixed int overflow for stack access size (bsc#1224488). - CVE-2024-35907: Call request_irq() after NAPI initialized (bsc#1224492). - CVE-2024-35924: Limit read size on v1.2 (bsc#1224657). - CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535). - CVE-2024-35943: Fixed a null pointer dereference in omap_prm_domain_init (bsc#1224649). - CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648). - CVE-2024-35951: Fixed the error path in panfrost_mmu_map_fault_addr() (bsc#1224701). - CVE-2024-35959: Fixed mlx5e_priv_init() cleanup flow (bsc#1224666). - CVE-2024-35964: Fixed not validating setsockopt user input (bsc#1224581). - CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580). - CVE-2024-35973: Fixed header validation in geneve[6]_xmit_skb (bsc#1224586). - CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575). - CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549). - CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550). - CVE-2024-36006: Fixed incorrect list API usage (bsc#1224541). - CVE-2024-36007: Fixed warning during rehash (bsc#1224543). - CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761). The following non-security bugs were fixed: - 9p: explicitly deny setlease attempts (git-fixes). - ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes). - ACPI: disable -Wstringop-truncation (git-fixes). - ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes). - ACPI: LPSS: Advertise number of chip selects via property (git-fixes). - admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes). - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384). - af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384). - af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384). - ALSA: core: Fix NULL module pointer assignment at card init (git-fixes). - ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes). - ALSA: line6: Zero-initialize message buffers (stable-fixes). - ARM: 9381/1: kasan: clear stale stack poison (git-fixes). - ASoC: Intel: avs: Fix ASRC module initialization (git-fixes). - ASoC: Intel: avs: Fix potential integer overflow (git-fixes). - ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes). - ASoC: Intel: Disable route checks for Skylake boards (git-fixes). - ASoC: kirkwood: Fix potential NULL dereference (git-fixes). - ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes). - ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes). - ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes). - ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes). - ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes). - ata: pata_legacy: make legacy_exit() work again (git-fixes). - ata: sata_gemini: Check clk_enable() result (stable-fixes). - autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166). - Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes). - Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_add_adv_monitor() (git-fixes). - Bluetooth: hci_sync: Do not double print name in add/remove adv_monitor (bsc#1216358). - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes). - Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes). - Bluetooth: qca: add missing firmware sanity checks (git-fixes). - Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes). - Bluetooth: qca: fix firmware check error path (git-fixes). - Bluetooth: qca: fix info leak when fetching fw build id (git-fixes). - Bluetooth: qca: fix NVM configuration parsing (git-fixes). - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes) - bpf: decouple prune and jump points (bsc#1225756). - bpf: fix precision backtracking instruction iteration (bsc#1225756). - bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes). - bpf: handle ldimm64 properly in check_cfg() (bsc#1225756). - bpf: mostly decouple jump history management from is_state_visited() (bsc#1225756). - bpf: remove unnecessary prune and jump points (bsc#1225756). - btrfs: add error messages to all unrecognized mount options (git-fixes) - btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes) - btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes) - btrfs: extend locking to all space_info members accesses (git-fixes) - btrfs: fix btrfs_submit_compressed_write cgroup attribution (git-fixes) - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes) - btrfs: fix missing blkdev_put() call in btrfs_scan_one_device() (git-fixes) - btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes) - btrfs: fix qgroup reserve overflow the qgroup limit (git-fixes) - btrfs: fix silent failure when deleting root reference (git-fixes) - btrfs: fix use-after-free after failure to create a snapshot (git-fixes) - btrfs: free exchange changeset on failures (git-fixes) - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes) - btrfs: make search_csum_tree return 0 if we get -EFBIG (git-fixes) - btrfs: prevent copying too big compressed lzo segment (git-fixes) - btrfs: remove BUG_ON(!eie) in find_parent_nodes (git-fixes) - btrfs: remove BUG_ON() in find_parent_nodes() (git-fixes) - btrfs: repair super block num_devices automatically (git-fixes) - btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling (git-fixes) - btrfs: send: ensure send_fd is writable (git-fixes) - btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes) - btrfs: send: in case of IO error log it (git-fixes) - btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes) - btrfs: tree-checker: check item_size for dev_item (git-fixes) - btrfs: tree-checker: check item_size for inode_item (git-fixes) - cifs: account for primary channel in the interface list (bsc#1224020). - cifs: cifs_chan_is_iface_active should be called with chan_lock held (bsc#1224020). - cifs: distribute channels across interfaces based on speed (bsc#1224020). - cifs: do not pass cifs_sb when trying to add channels (bsc#1224020). - cifs: failure to add channel on iface should bump up weight (git-fixes, bsc#1224020). - cifs: fix charset issue in reconnection (bsc#1224020). - cifs: fix leak of iface for primary channel (git-fixes, bsc#1224020). - cifs: handle cases where a channel is closed (bsc#1224020). - cifs: handle cases where multiple sessions share connection (bsc#1224020). - cifs: reconnect work should have reference on server struct (bsc#1224020). - clk: Do not hold prepare_lock when calling kref_put() (stable-fixes). - clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes). - counter: stm32-lptimer-cnt: Provide defines for clock polarities (git-fixes). - counter: stm32-timer-cnt: Provide defines for slave mode selection (git-fixes). - cppc_cpufreq: Fix possible null pointer dereference (git-fixes). - cpu/hotplug: Remove the 'cpu' member of cpuhp_cpu_state (git-fixes). - cpumask: Add for_each_cpu_from() (bsc#1225053). - crypto: bcm - Fix pointer arithmetic (git-fixes). - crypto: ccp - drop platform ifdef checks (git-fixes). - crypto: ecdsa - Fix module auto-load on add-key (git-fixes). - crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes). - crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes). - crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes). - dmaengine: axi-dmac: fix possible race in remove() (git-fixes). - dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes). - dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes). - dm-multipath: dont't attempt SG_IO on non-SCSI-disks (bsc#1223575). - docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes). - drivers/nvme: Add quirks for device 126f:2262 (git-fixes). - drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes). - drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes). - drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes). - drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes). - drm/amd: Flush GFXOFF requests in prepare stage (git-fixes). - drm/amdgpu: Refine IB schedule error logging (stable-fixes). - drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes). - drm/arm/malidp: fix a possible null pointer dereference (git-fixes). - drm/bridge: anx7625: Do not log an error when DSI host can't be found (git-fixes). - drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes). - drm/bridge: dpc3433: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: icn6211: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: lt8912b: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: lt9611: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: tc358775: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes). - drm/connector: Add \n to message about demoting connector force-probes (git-fixes). - drm/i915/bios: Fix parsing backlight BDB data (git-fixes). - drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes). - drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes). - drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes). - drm/meson: dw-hdmi: power up phy on device init (git-fixes). - drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes). - drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes). - drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes). - drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes). - drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes). - drm/panel: atna33xc20: Fix unbalanced regulator in the case HPD does not assert (git-fixes). - drm/panel: novatek-nt35950: Do not log an error when DSI host can't be found (git-fixes). - drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes). - drm: vc4: Fix possible null pointer dereference (git-fixes). - dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes) - dyndbg: fix old BUG_ON in >control parser (stable-fixes). - efi: libstub: only free priv.runtime_map when allocated (git-fixes). - extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes). - fail_function: fix wrong use of fei_attr_remove(). - fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes). - fbdev: shmobile: fix snprintf truncation (git-fixes). - fbdev: sisfb: hide unused variables (git-fixes). - firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes). - firmware: dmi-id: add a release callback function (git-fixes). - firmware: raspberrypi: Use correct device for DMA mappings (git-fixes). - fs/9p: drop inodes immediately on non-.L too (git-fixes). - fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes). - fs/9p: translate O_TRUNC into OTRUNC (git-fixes). - gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes). - gpio: wcove: Use -ENOTSUPP consistently (stable-fixes). - gpu: host1x: Do not setup DMA for virtual devices (stable-fixes). - HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes). - hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock (git-fixes). - hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes). - hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes). - hwmon: (lm70) fix links in doc and comments (git-fixes). - hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes). - i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes). - i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes). - IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes) - idpf: extend tx watchdog timeout (bsc#1224137). - iio: core: Leave private pointer NULL when no private data supplied (git-fixes). - iio: pressure: dps310: support negative temperature values (git-fixes). - Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes). - Input: ims-pcu - fix printf string overflow (git-fixes). - Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes). - iomap: Fix inline extent handling in iomap_readpage (git-fixes) - iomap: iomap: fix memory corruption when recording errors during writeback (git-fixes) - iomap: Support partial direct I/O on user copy failures (git-fixes) - iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331) - io_uring/unix: drop usage of io_uring socket (git-fixes). - irqchip/gic-v3-its: Prevent double free on error (git-fixes). - jffs2: prevent xattr node from overflowing the eraseblock (git-fixes). - kABI: bpf: struct bpf_insn_aux_data kABI workaround (bsc#1225756). - kcm: do not sense pfmemalloc status in kcm_sendpage() (git-fixes bsc#1223959) - KEYS: trusted: Do not use WARN when encode fails (git-fixes). - KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes). - KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224794). - leds: pwm: Disable PWM when going to suspend (git-fixes). - libsubcmd: Fix parse-options memory leak (git-fixes). - locking/atomic: Make test_and_*_bit() ordered on failure (git-fixes). - media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes). - media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes). - media: mc: mark the media devnode as registered from the, start (git-fixes). - media: ngene: Add dvb_ca_en50221_init return value check (git-fixes). - media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes). - mei: me: add lunar lake point M DID (stable-fixes). - mfd: intel-lpss: Revert 'Add missing check for platform_get_resource' (git-fixes). - mfd: ti_am335x_tscadc: Support the correctly spelled DT property (git-fixes). - mfd: tqmx86: Specify IO port register range more precisely (git-fixes). - mlxbf_gige: Enable the GigE port in mlxbf_gige_open (git-fixes). - mlxbf_gige: Fix intermittent no ip issue (git-fixes). - mlxbf_gige: stop PHY during open() error paths (git-fixes). - mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes). - mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes). - Move upstreamed patches into sorted section - mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes). - mtd: rawnand: hynix: fixed typo (git-fixes). - net: do not sense pfmemalloc status in skb_append_pagefrags() (git-fixes bsc#1223959) - netfilter: nf_tables: bail out early if hardware offload is not supported (git-fixes bsc#1223961) - net: introduce __skb_fill_page_desc_noacc (git-fixes bsc#1223959) - net: nfc: remove inappropriate attrs check (stable-fixes). - net: qualcomm: rmnet: fix global oob in rmnet_policy (git-fixes). - net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes). - net:usb:qmi_wwan: support Rolling modules (stable-fixes). - net: usb: smsc95xx: stop lying about skb->truesize (git-fixes). - net: usb: sr9700: stop lying about skb->truesize (git-fixes). - net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete() (bsc#1223360). - nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes). - nfc: nci: Fix uninit-value in nci_rx_work (git-fixes). - nilfs2: fix out-of-range warning (git-fixes). - nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes). - nilfs2: fix use-after-free of timer for log writer thread (git-fixes). - nilfs2: make superblock data array index computation sparse friendly (git-fixes). - nvme: ensure disabling pairs with unquiesce (bsc#1224534). - nvme: fix miss command type check (git-fixes). - nvme: fix multipath batched completion accounting (git-fixes). - nvme-multipath: fix io accounting on failover (git-fixes). - nvmet: fix ns enable/disable possible hang (git-fixes). - PCI: dwc: Detect iATU settings after getting 'addr_space' resource (git-fixes). - PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes). - PCI: dwc: Use the bitmap API to allocate bitmaps (git-fixes). - PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes). - PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes). - PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes). - PCI: tegra194: Fix probe path for Endpoint mode (git-fixes). - pinctrl: armada-37xx: remove an unused variable (git-fixes). - pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes). - pinctrl: core: handle radix_tree_insert() errors in pinctrl_register_one_pin() (stable-fixes). - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes). - pinctrl/meson: fix typo in PDM's pin name (git-fixes). - pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes). - platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes). - platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes). - powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740). - powerpc/eeh: Small refactor of eeh_handle_normal_event() (bsc#1223991 ltc#205740). - powerpc/eeh: Use a goto for recovery failures (bsc#1223991 ltc#205740). - powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729). - powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes). - powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783). - powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869). - powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869). - power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes). - ppdev: Add an error check in register_device (git-fixes). - printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616). - qibfs: fix dentry leak (git-fixes) - RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes) - RDMA/hns: Fix deadlock on SRQ async events. (git-fixes) - RDMA/hns: Fix GMV table pagesize (git-fixes) - RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes) - RDMA/hns: Fix UAF for cq async event (git-fixes) - RDMA/hns: Modify the print level of CQE error (git-fixes) - RDMA/hns: Use complete parentheses in macros (git-fixes) - RDMA/IPoIB: Fix format truncation compilation errors (git-fixes) - RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes) - RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes) - RDMA/rxe: Add ibdev_dbg macros for rxe (git-fixes) - RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes) - RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes) - RDMA/rxe: Fix the problem 'mutex_destroy missing' (git-fixes) - RDMA/rxe: Replace pr_xxx by rxe_dbg_xxx in rxe_net.c (git-fixes) - RDMA/rxe: Split rxe_run_task() into two subroutines (git-fixes) - regulator: bd71828: Do not overwrite runtime voltages (git-fixes). - regulator: core: fix debugfs creation regression (git-fixes). - regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes). - remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes). - Revert 'cifs: reconnect work should have reference on server struct' (git-fixes, bsc#1224020). - Revert 'drm/bridge: ti-sn65dsi83: Fix enable error path' (git-fixes). - ring-buffer: Fix a race between readers and resize checks (git-fixes). - s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224795). - s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224796). - s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224346). - s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225139). - s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225138). - sched/topology: Optimize topology_span_sane() (bsc#1225053). - scsi: arcmsr: Support new PCI device IDs 1883 and 1886 (git-fixes). - scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes). - scsi: core: Consult supported VPD page list prior to fetching page (git-fixes). - scsi: core: Fix unremoved procfs host directory regression (git-fixes). - scsi: csiostor: Avoid function pointer casts (git-fixes). - scsi: libfc: Do not schedule abort twice (git-fixes). - scsi: libfc: Fix up timeout error in fc_fcp_rec_error() (git-fixes). - scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842). - scsi: lpfc: Change default logging level for unsolicited CT MIB commands (bsc#1225842). - scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask (bsc#1225842). - scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading (bsc#1225842). - scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842). - scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list (bsc#1225842). - scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842). - scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842). - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes). - scsi: mylex: Fix sysfs buffer lengths (git-fixes). - scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes). - scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes). - selftests/pidfd: Fix config for pidfd_setns_test (git-fixes). - serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes). - serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes). - serial: max3100: Fix bitwise types (git-fixes). - serial: max3100: Lock port->lock when calling uart_handle_cts_change() (git-fixes). - serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes). - serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes). - serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes). - smb3: show beginning time for per share stats (bsc#1224020). - smb: client: ensure to try all targets when finding nested links (bsc#1224020). - smb: client: fix mount when dns_resolver key is not available (git-fixes, bsc#1224020). - smb: client: get rid of dfs code dep in namespace.c (bsc#1224020). - smb: client: get rid of dfs naming in automount code (bsc#1224020). - smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1224020). - smb: client: reduce stack usage in cifs_try_adding_channels() (bsc#1224020). - smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (bsc#1224020). - smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1224020). - soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes). - soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes). - Sort recent BHI patches - speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes). - spmi: Add a check for remove callback when removing a SPMI driver (git-fixes). - spmi: hisi-spmi-controller: Do not override device identifier (git-fixes). - swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331). - swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331) - swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331) - swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331) - sysv: do not call sb_bread() with pointers_lock held (git-fixes). - thermal/drivers/tsens: Fix null pointer dereference (git-fixes). - tools/latency-collector: Fix -Wformat-security compile warns (git-fixes). - tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer (bsc#1225535) - tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes). - tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes). - tracing: hide unused ftrace_event_id_fops (git-fixes). - tty: n_gsm: fix missing receive state reset after mode switch (git-fixes). - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes). - usb: aqc111: stop lying about skb->truesize (git-fixes). - USB: core: Add hub_get() and hub_put() routines (git-fixes). - USB: core: Fix access violation during port device removal (git-fixes). - USB: core: Fix deadlock in port 'disable' sysfs attribute (git-fixes). - usb: dwc3: core: Prevent phy suspend during init (Git-fixes). - usb: gadget: u_audio: Clear uac pointer when freed (git-fixes). - usb: typec: tipd: fix event checking for tps6598x (git-fixes). - usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes). - VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes). - VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes). - vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes). - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes). - watchdog: ixp4xx: Make sure restart always works (git-fixes). - watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes). - wifi: ar5523: enable proper endpoint verification (git-fixes). - wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes). - wifi: ath10k: poll service ready message before failing (git-fixes). - wifi: ath10k: populate board data for WCN3990 (git-fixes). - wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes). - wifi: carl9170: add a proper sanity check for endpoints (git-fixes). - wifi: carl9170: re-fix fortified-memset warning (git-fixes). - wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes). - wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes). - wifi: mwl8k: initialize cmd->addr[] properly (git-fixes). - x86/boot: Ignore NMIs during very early boot (git-fixes). - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (git-fixes). - x86/bugs: Fix BHI documentation (git-fixes). - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - x86/bugs: Fix BHI retpoline check (git-fixes). - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - x86: Fix CPUIDLE_FLAG_IRQ_ENABLE leaking timer reprogram (git-fixes). - x86/kvm: Do not try to disable kvmclock if it was not enabled (git-fixes). - x86/lib: Fix overflow when counting digits (git-fixes). - x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes). - x86/nmi: Drop unused declaration of proc_nmi_enabled() (git-fixes). - x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes). - x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes). - x86/sme: Fix memory encryption setting if enabled by default and not overridden (git-fixes). - x86/tdx: Preserve shared bit on mprotect() (git-fixes). - xfs: fix exception caused by unexpected illegal bestcount in leaf dir (git-fixes). - xfs: Fix false ENOSPC when performing direct write on a delalloc extent in cow fork (git-fixes). - xfs: fix imprecise logic in xchk_btree_check_block_owner (git-fixes). - xfs: fix inode reservation space for removing transaction (git-fixes). - xfs: shrink failure needs to hold AGI buffer (git-fixes).

Affected Systems

opensuse•dtb-aarch64&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.68.1
opensuse•kernel-64kb&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.68.1
opensuse•kernel-debug&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.68.1
opensuse•kernel-default-base&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.68.1.150500.6.31.1
opensuse•kernel-default&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.68.1
opensuse•kernel-docs&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.68.1
opensuse•kernel-kvmsmall&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.68.1
opensuse•kernel-obs-build&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.68.1
opensuse•kernel-obs-qa&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.68.1
opensuse•kernel-source&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.68.1
opensuse•kernel-syms&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.68.1
opensuse•kernel-zfcpdump&distro=openSUSE Leap 15.5
< 5.14.21-150500.55.68.1
suse•kernel-64kb&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5
< 5.14.21-150500.55.68.1
suse•kernel-default-base&distro=SUSE Linux Enterprise Micro 5.5
< 5.14.21-150500.55.68.1.150500.6.31.1
suse•kernel-default-base&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5
< 5.14.21-150500.55.68.1.150500.6.31.1
suse•kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP5
< 5.14.21-150500.55.68.1
suse•kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5
< 5.14.21-150500.55.68.1
suse•kernel-default&distro=SUSE Linux Enterprise Micro 5.5
< 5.14.21-150500.55.68.1
suse•kernel-default&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5
< 5.14.21-150500.55.68.1
suse•kernel-default&distro=SUSE Linux Enterprise Module for Legacy 15 SP5
< 5.14.21-150500.55.68.1
suse•kernel-default&distro=SUSE Linux Enterprise Workstation Extension 15 SP5
< 5.14.21-150500.55.68.1
suse•kernel-docs&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5
< 5.14.21-150500.55.68.1
suse•kernel-livepatch-SLE15-SP5_Update_15&distro=SUSE Linux Enterprise Live Patching 15 SP5
< 1-150500.11.3.1
suse•kernel-obs-build&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5
< 5.14.21-150500.55.68.1
suse•kernel-source&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5
< 5.14.21-150500.55.68.1
suse•kernel-source&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5
< 5.14.21-150500.55.68.1
suse•kernel-syms&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5
< 5.14.21-150500.55.68.1
suse•kernel-zfcpdump&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5
< 5.14.21-150500.55.68.1

SUSE-SU-2024:2190-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (1157)