SUSE-SU-2024:3569-1

Description

Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48901: btrfs: do not start relocation until in progress drops are done (bsc#1229607). - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229633). - CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662) - CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619) - CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610). - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269). - CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650). - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340). - CVE-2024-26767: drm/amd/display: fixed integer types and null check locations (bsc#1230339). - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629). - CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of the list of MDB events to replay (bsc#1222973). - CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875). - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606). - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846). - CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832). - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890). - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819). - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). - CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620 CVE-2024-41082). - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507). - CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156) - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334). - CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364). - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363). - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362). - CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394). - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764). - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753). - CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830) - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790). - CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810). - CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899). - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015). - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180). - CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race (bsc#1230178). - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209). - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211). - CVE-2024-44986: ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230230) - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185). - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192). - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193). - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194). - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171). - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233). - CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245). - CVE-2024-45007: char: xillybus: Refine workqueue handling (bsc#1230175). - CVE-2024-45008: Input: MT - limit max slots (bsc#1230248). - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442). - CVE-2024-45015: drm/msm/dpu: move dpu_encoder's connector assignment to (bsc#1230444) - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431). - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434). - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451). - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506). - CVE-2024-46674: usb: dwc3: st: fix probed platform device ref count on probe error path (bsc#1230507). - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549). - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556). - CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515) - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517). - CVE-2024-46689: soc: qcom: cmd-db: Map shared memory as WC, not WB (bsc#1230524) - CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589) - CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 (bsc#1230582). - CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access (bsc#1230700). - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719). - CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710) - CVE-2024-46728: drm/amd/display: Check index for aux_rd_interval before using (bsc#1230703) - CVE-2024-46730: drm/amd/display: Ensure array index tg_inst won't be -1 (bsc#1230701) - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756). - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786). - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794). - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796). - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772). - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810). - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815). - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825). - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120). - CVE-2024-46830: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS (bsc#1231116). The following non-security bugs were fixed: - ACPI: battery: create alarm sysfs attribute atomically (git-fixes). - ACPI: CPPC: Fix MASK_VAL() usage (git-fixes). - ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() (git-fixes). - ACPI: processor: Fix memory leaks in error paths of processor_add() (stable-fixes). - ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add() (stable-fixes). - ACPI: SBS: manage alarm sysfs attribute through psy core (git-fixes). - ACPI: sysfs: validate return type of _STR method (git-fixes). - af_unix: annotate lockless accesses to sk->sk_err (bsc#1226846). - af_unix: Fix data races around sk->sk_shutdown (bsc#1226846). - af_unix: Fix data-races around sk->sk_shutdown (git-fixes). - ALSA: hda: Add input value sanity checks to HDMI channel map controls (stable-fixes). - ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices (stable-fixes). - ALSA: hda/conexant: Mute speakers at suspend / shutdown (stable-fixes). - ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown (stable-fixes). - ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx (stable-fixes). - apparmor: fix possible NULL pointer dereference (stable-fixes). - arm64: acpi: Move get_cpu_for_acpi_id() to a header (git-fixes). - arm64: dts: rockchip: Correct the Pinebook Pro battery design capacity (git-fixes). - arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E (git-fixes). - arm64: dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency (git-fixes). - arm64/mm: Modify range-based tlbi to decrement scale (bsc#1229585) - arm64/mm: Update tlb invalidation routines for FEAT_LPA2 (bsc#1229585) - arm64: tlb: Allow range operation for MAX_TLBI_RANGE_PAGES (bsc#1229585) - arm64: tlb: Fix TLBI RANGE operand (bsc#1229585) - arm64: tlb: Improve __TLBI_VADDR_RANGE() (bsc#1229585) - ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object (git-fixes). - ASoC: meson: axg-card: fix 'use-after-free' (git-fixes). - ASoc: SOF: topology: Clear SOF link platform name upon unload (git-fixes). - ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode (git-fixes). - ASoC: tegra: Fix CBB error during probe() (git-fixes). - ASoC: topology: Properly initialize soc_enum values (stable-fixes). - ata: libata: Fix memory leak for error path in ata_host_alloc() (git-fixes). - ata: pata_macio: Use WARN instead of BUG (stable-fixes). - blk-mq: add helper for checking if one CPU is mapped to specified hctx (bsc#1223600). - blk-mq: add number of queue calc helper (bsc#1229034). - blk-mq: Build default queue map via group_cpus_evenly() (bsc#1229031). - blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600). - blk-mq: introduce blk_mq_dev_map_queues (bsc#1229034). - blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1229034). - blk-mq: use hk cpus only when isolcpus=io_queue is enabled (bsc#1229034). - Bluetooth: btusb: Fix not handling ZPL/short-transfer (git-fixes). - Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED (git-fixes). - Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL (git-fixes). - Bluetooth: L2CAP: Fix deadlock (git-fixes). - Bluetooth: MGMT: Ignore keys being loaded with invalid type (git-fixes). - cachefiles: fix dentry leak in cachefiles_open_file() (bsc#1231181). - cachefiles: Fix non-taking of sb_writers around set/removexattr (bsc#1231013). - can: bcm: Clear bo->bcm_proc_read after remove_proc_entry() (git-fixes). - can: bcm: Remove proc entry when dev is unregistered (git-fixes). - can: j1939: use correct function name in comment (git-fixes). - can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open (git-fixes). - cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (git-fixes). - ceph: remove the incorrect Fw reference check when dirtying pages (bsc#1231180). - char: xillybus: Check USB endpoints when probing device (git-fixes). - clk: qcom: clk-alpha-pll: Fix the pll post div mask (git-fixes). - clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API (git-fixes). - clk: qcom: clk-alpha-pll: Fix zonda set_rate failure when PLL is disabled (git-fixes). - cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately (git-fixes). - crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure (git-fixes). - crypto: virtio - Handle dataq logic with tasklet (git-fixes). - crypto: virtio - Wait for tasklet to complete on device remove (git-fixes). - crypto: xor - fix template benchmarking (git-fixes). - devres: Initialize an uninitialized struct member (stable-fixes). - driver core: Add debug logs when fwnode links are added/deleted (git-fixes). - driver core: Add missing parameter description to __fwnode_link_add() (git-fixes). - driver core: Create __fwnode_link_del() helper function (git-fixes). - driver core: fw_devlink: Allow marking a fwnode link as being part of a cycle (git-fixes). - driver core: fw_devlink: Consolidate device link flag computation (git-fixes). - driver core: Set deferred probe reason when deferred by driver core (git-fixes). - drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind() (git-fixes). - Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic (git-fixes). - Drivers: hv: vmbus: Fix the misplaced function description (git-fixes). - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (git-fixes). - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (git-fixes). - drm/amd/amdgpu: Check tbo resource pointer (stable-fixes). - drm/amd/amdgpu: Properly tune the size of struct (git-fixes). - drm/amd/display: Add array index check for hdcp ddc access (stable-fixes). - drm/amd/display: added NULL check at start of dc_validate_stream (stable-fixes). - drm/amd/display: Assign linear_pitch_alignment even for VM (stable-fixes). - drm/amd/display: Check denominator pbn_div before used (stable-fixes). - drm/amd/display: Check gpio_id before used as array index (stable-fixes). - drm/amd/display: Check HDCP returned status (stable-fixes). - drm/amd/display: Check msg_id before processing transcation (stable-fixes). - drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] (stable-fixes). - drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX (stable-fixes). - drm/amd/display: Ensure index calculation will not overflow (stable-fixes). - drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create (stable-fixes). - drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration (stable-fixes). - drm/amd/display: Skip wbscl_set_scaler_filter if filter is null (stable-fixes). - drm/amd/display: Spinlock before reading event (stable-fixes). - drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (stable-fixes). - drm/amdgpu/atomfirmware: Silence UBSAN warning (stable-fixes). - drm/amdgpu: avoid reading vf2pf info size from FB (stable-fixes). - drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6 (stable-fixes). - drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts (stable-fixes). - drm/amdgpu: fix a possible null pointer dereference (git-fixes). - drm/amdgpu: fix dereference after null check (stable-fixes). - drm/amdgpu: fix mc_data out-of-bounds read warning (stable-fixes). - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number (stable-fixes). - drm/amdgpu: Fix out-of-bounds write warning (stable-fixes). - drm/amdgpu: fix overflowed array index read warning (stable-fixes). - drm/amdgpu: Fix smatch static checker warning (stable-fixes). - drm/amdgpu: fix the waring dereferencing hive (stable-fixes). - drm/amdgpu: fix ucode out-of-bounds read warning (stable-fixes). - drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr (stable-fixes). - drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs (stable-fixes). - drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc (stable-fixes). - drm/amdgpu/pm: Fix uninitialized variable agc_btc_response (stable-fixes). - drm/amdgpu/pm: Fix uninitialized variable warning for smu10 (stable-fixes). - drm/amdgpu: Set no_hw_access when VF request full GPU fails (stable-fixes). - drm/amdgpu: the warning dereferencing obj for nbio_v7_4 (stable-fixes). - drm/amdgpu: update type of buf size to u32 for eeprom functions (stable-fixes). - drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device (stable-fixes). - drm/amd/pm: check negtive return for table entries (stable-fixes). - drm/amd/pm: check specific index for aldebaran (stable-fixes). - drm/amd/pm: Fix negative array index read (stable-fixes). - drm/amd/pm: fix the Out-of-bounds read warning (stable-fixes). - drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr (stable-fixes). - drm/amd/pm: fix uninitialized variable warnings for vangogh_ppt (stable-fixes). - drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr (stable-fixes). - drm/amd/pm: fix uninitialized variable warning (stable-fixes). - drm/amd/pm: fix warning using uninitialized value of max_vid_step (stable-fixes). - drm/bridge: lontium-lt8912b: Validate mode in drm_bridge_funcs::mode_valid() (git-fixes). - drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ (stable-fixes). - drm/i915/fence: Mark debug_fence_free() with __maybe_unused (git-fixes). - drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused (git-fixes). - drm/i915/guc: prevent a possible int overflow in wq offsets (git-fixes). - drm/meson: plane: Add error handling (stable-fixes). - drm/msm/a5xx: disable preemption in submits by default (git-fixes). - drm/msm/a5xx: fix races in preemption evaluation stage (git-fixes). - drm/msm/a5xx: properly clear preemption records on resume (git-fixes). - drm/msm/a5xx: workaround early ring-buffer emptiness check (git-fixes). - drm/msm/adreno: Fix error return if missing firmware-name (stable-fixes). - drm/msm/disp/dpu: use atomic enable/disable callbacks for encoder (bsc#1230444) - drm/msm: Fix incorrect file name output in adreno_request_fw() (git-fixes). - drm/msm: fix %s null argument error (git-fixes). - drm: omapdrm: Add missing check for alloc_ordered_workqueue (git-fixes). - drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets (git-fixes). - drm/radeon: fix null pointer dereference in radeon_add_common_modes (git-fixes). - drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode (git-fixes). - drm/rockchip: vop: Allow 4096px width scaling (git-fixes). - drm/stm: ltdc: check memory returned by devm_kzalloc() (git-fixes). - exfat: fix memory leak in exfat_load_bitmap() (git-fixes). - fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() (git-fixes). - filemap: remove use of wait bookmarks (bsc#1224085). - firmware_loader: Block path traversal (git-fixes). - fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF (bsc#1230592). - fuse: update stats for pages in dropped aux writeback list (bsc#1230130). - fuse: use unsigned type for getxattr/listxattr size truncation (bsc#1230129). - genirq/affinity: Do not pass irq_affinity_desc array to irq_build_affinity_masks (bsc#1229031). - genirq/affinity: Move group_cpus_evenly() into lib/ (bsc#1229031). - genirq/affinity: Only build SMP-only helper functions on SMP kernels (bsc#1229031). - genirq/affinity: Pass affinity managed mask array to irq_build_affinity_masks (bsc#1229031). - genirq/affinity: Remove the 'firstvec' parameter from irq_build_affinity_masks (bsc#1229031). - genirq/affinity: Rename irq_build_affinity_masks as group_cpus_evenly (bsc#1229031). - genirq/affinity: Replace cpumask_weight() with cpumask_empty() where appropriate (bsc#1229031). - gfs2: setattr_chown: Add missing initialization (git-fixes). - HID: amd_sfh: free driver_data after destroying hid device (stable-fixes). - HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup (stable-fixes). - hwmon: (adc128d818) Fix underflows seen when writing limit attributes (stable-fixes). - hwmon: (lm95234) Fix underflows seen when writing limit attributes (stable-fixes). - hwmon: (max16065) Fix overflows seen when writing limits (git-fixes). - hwmon: (ntc_thermistor) fix module autoloading (git-fixes). - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes (stable-fixes). - hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init (git-fixes). - hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume (git-fixes). - hwrng: mtk - Use devm_pm_runtime_enable (git-fixes). - i2c: aspeed: Update the stop sw state when the bus recovery occurs (git-fixes). - i2c: Fix conditional for substituting empty ACPI functions (stable-fixes). - i2c: isch: Add missed 'else' (git-fixes). - i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes). - i2c: xiic: Wait for TX empty to avoid missed TX NAKs (git-fixes). - i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup (stable-fixes). - IB/core: Fix ib_cache_setup_one error flow cleanup (git-fixes) - IB/hfi1: Fix potential deadlock on &irq_src_lock and &dd->uctxt_lock (git-fixes) - iio: adc: ad7124: fix chip ID mismatch (git-fixes). - iio: adc: ad7124: fix config comparison (git-fixes). - iio: adc: ad7606: fix oversampling gpio array (git-fixes). - iio: adc: ad7606: fix standby gpio state to match the documentation (git-fixes). - iio: buffer-dmaengine: fix releasing dma channel on error (git-fixes). - iio: chemical: bme680: Fix read/write ops to device by adding mutexes (git-fixes). - iio: fix scale application in iio_convert_raw_to_processed_unlocked (git-fixes). - iio: magnetometer: ak8975: Fix reading for ak099xx sensors (git-fixes). - Input: ilitek_ts_i2c - add report id message validation (git-fixes). - Input: ilitek_ts_i2c - avoid wrong input subsystem sync (git-fixes). - Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - Input: uinput - reject requests with unreasonable number of slots (stable-fixes). - ipmi: docs: do not advertise deprecated sysfs entries (git-fixes). - ipmi:ssif: Improve detecting during probing (bsc#1228771) - ipmi:ssif: Improve detecting during probing (bsc#1228771) - jfs: fix out-of-bounds in dbNextAG() and diAlloc() (git-fixes). - kabi: add __nf_queue_get_refs() for kabi compliance. - kABI, crypto: virtio - Handle dataq logic with tasklet (git-fixes). - kthread: Fix task state in kthread worker if being frozen (bsc#1231146). - lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1229031). - lib/group_cpus.c: honor housekeeping config when grouping CPUs (bsc#1229034). - lib/group_cpus: Export group_cpus_evenly() (bsc#1229031). - lirc: rc_dev_get_from_fd(): fix file leak (git-fixes). - mailbox: bcm2835: Fix timeout during suspend mode (git-fixes). - mailbox: rockchip: fix a typo in module autoloading (git-fixes). - media: aspeed: Fix no complete irq for non-64-aligned width (bsc#1230269) - media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse (stable-fixes). - media: qcom: camss: Fix ordering of pm_runtime_enable (git-fixes). - media: Revert 'media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()' (git-fixes). - media: sun4i_csi: Implement link validate for sun4i_csi subdev (git-fixes). - media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags (git-fixes). - media: uvcvideo: Enforce alignment of frame and interval (stable-fixes). - media: venus: fix use after free bug in venus_remove due to race condition (git-fixes). - media: vicodec: allow en/decoder cmd w/o CAPTURE (git-fixes). - media: vivid: do not set HDMI TX controls if there are no HDMI outputs (stable-fixes). - media: vivid: fix wrong sizeimage value for mplane (stable-fixes). - mmc: cqhci: Fix checking of CQHCI_HALT state (git-fixes). - mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K (git-fixes). - mmc: sdhci-of-aspeed: fix module autoloading (git-fixes). - mtd: powernv: Add check devm_kasprintf() returned value (git-fixes). - mtd: slram: insert break after errors in parsing the map (git-fixes). - net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes). - net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (git-fixes). - net: missing check virtio (git-fixes). - net: tighten bad gso csum offset check in virtio_net_hdr (git-fixes). - nf_conntrack_proto_udp: do not accept packets with IPS_NAT_CLASH (bsc#1199769). - NFSD: Fix frame size warning in svc_export_parse() (git-fixes). - NFS: Do not re-read the entire page cache to find the next cookie (bsc#1226662). - NFSD: Rewrite synopsis of nfsd_percpu_counters_init() (git-fixes). - NFS: never reuse a NFSv4.0 lock-owner (bsc#1227726). - NFS: Reduce use of uncached readdir (bsc#1226662). - NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations (git-fixes). - nilfs2: Constify struct kobj_type (git-fixes). - nilfs2: determine empty node blocks as corrupted (git-fixes). - nilfs2: fix missing cleanup on rollforward recovery error (git-fixes). - nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() (git-fixes). - nilfs2: fix potential oob read in nilfs_btree_check_delete() (git-fixes). - nilfs2: fix state management in error path of log writing function (git-fixes). - nilfs2: protect references to superblock parameters exposed in sysfs (git-fixes). - nilfs2: replace snprintf in show functions with sysfs_emit (git-fixes). - nilfs2: use default_groups in kobj_type (git-fixes). - nvme: move stopping keep-alive into nvme_uninit_ctrl() (git-fixes). - nvme/pci: Add APST quirk for Lenovo N60z laptop (git-fixes). - nvme-pci: Add sleep quirk for Samsung 990 Evo (git-fixes). - nvme-pci: use block layer helpers to calculate num of queues (bsc#1229034). - nvme: replace blk_mq_pci_map_queues with blk_mq_dev_map_queues (bsc#1229034). - nvmet: Identify-Active Namespace ID List command should reject invalid nsid (git-fixes). - nvmet-rdma: fix possible bad dereference when freeing rsps (git-fixes). - nvmet-tcp: do not continue for invalid icreq (git-fixes). - nvmet-tcp: fix kernel crash if commands allocation fails (git-fixes). - nvmet-trace: avoid dereferencing pointer too early (git-fixes). - ocfs2: cancel dqi_sync_work before freeing oinfo (git-fixes). - ocfs2: fix null-ptr-deref when journal load failed (git-fixes). - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate (git-fixes). - ocfs2: remove unreasonable unlock in ocfs2_read_blocks (git-fixes). - PCI: Add missing bridge lock to pci_bus_lock() (stable-fixes). - PCI: al: Check IORESOURCE_BUS existence during probe (git-fixes). - PCI/ASPM: Move pci_function_0() upward (bsc#1226915) - PCI/ASPM: Remove struct aspm_latency (bsc#1226915) - PCI/ASPM: Stop caching device L0s, L1 acceptable exit latencies (bsc#1226915) - PCI/ASPM: Stop caching link L0s, L1 exit latencies (bsc#1226915) - PCI: dra7xx: Fix error handling when IRQ request fails in probe (git-fixes). - PCI: dwc: Expose dw_pcie_ep_exit() to module (git-fixes). - PCI: dwc: Restore MSI Receiver mask during resume (git-fixes). - pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (stable-fixes). - PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) (stable-fixes). - PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (git-fixes). - PCI: Support BAR sizes up to 8TB (bsc#1231017) - PCI: Wait for Link before restoring Downstream Buses (git-fixes). - PCI: xilinx-nwl: Clean up clock on probe failure/removal (git-fixes). - PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler (git-fixes). - PCI: xilinx-nwl: Fix register misspelling (git-fixes). - pcmcia: Use resource_size function on resource object (stable-fixes). - pinctrl: single: fix missing error code in pcs_probe() (git-fixes). - pinctrl: single: fix potential NULL dereference in pcs_get_function() (git-fixes). - PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666). - platform/x86: dell-smbios: Fix error path in dell_smbios_init() (git-fixes). - platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array (git-fixes). - platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (git-fixes). - power: supply: axp20x_battery: Remove design from min and max voltage (git-fixes). - power: supply: Drop use_cnt check from power_supply_property_is_writeable() (git-fixes). - power: supply: hwmon: Fix missing temp1_max_alarm attribute (git-fixes). - power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense (git-fixes). - RDMA/core: Remove unused declaration rdma_resolve_ip_route() (git-fixes) - RDMA/cxgb4: Added NULL check for lookup_atid (git-fixes) - RDMA/efa: Properly handle unexpected AQ completions (git-fixes) - RDMA/hns: Do not modify rq next block addr in HIP09 QPC (git-fixes) - RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (git-fixes) - RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range() (git-fixes) - RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler (git-fixes) - RDMA/hns: Optimize hem allocation performance (git-fixes) - RDMA/irdma: fix error message in irdma_modify_qp_roce() (git-fixes) - RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (git-fixes) - RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds (git-fixes) - RDMA/rtrs: Fix the problem of variable not initialized fully (git-fixes) - RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer (git-fixes) - Restore dropped fields for bluetooth MGMT/SMP structs (git-fixes). - Revert 'Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE' (git-fixes). - Revert 'media: tuners: fix error return code of hybrid_tuner_request_state()' (git-fixes). - Revert 'media: tuners: fix error return code of hybrid_tuner_request_state()' (stable-fixes). - rtc: at91sam9: fix OF node leak in probe() error path (git-fixes). - scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223). - scsi: lpfc: Change diagnostic log flag during receipt of unknown ELS cmds (bsc#1229429). - scsi: lpfc: Copyright updates for 14.4.0.4 patches (bsc#1229429). - scsi: lpfc: Fix overflow build issue (bsc#1229429). - scsi: lpfc: Fix unintentional double clearing of vmid_flag (bsc#1229429). - scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (bsc#1229429). - scsi: lpfc: Remove redundant vport assignment when building an abort request (bsc#1229429). - scsi: lpfc: Update lpfc version to 14.4.0.4 (bsc#1229429). - scsi: lpfc: Update PRLO handling in direct attached topology (bsc#1229429). - scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (bsc#1229429). - scsi: pm8001: do not overwrite PCI queue mapping (bsc#1229034). - scsi: replace blk_mq_pci_map_queues with blk_mq_dev_map_queues (bsc#1229034). - scsi: sd: Fix off-by-one error in sd_read_block_characteristics() (bsc#1223848). - scsi: use block layer helpers to calculate num of queues (bsc#1229034). - spi: nxp-fspi: fix the KASAN report out-of-bounds bug (git-fixes). - Squashfs: sanity check symbolic link size (git-fixes). - staging: iio: frequency: ad9834: Validate frequency parameter value (git-fixes). - thunderbolt: Mark XDomain as unplugged when router is removed (stable-fixes). - tomoyo: fallback to realpath if symlink's pathname does not exist (git-fixes). - tools/virtio: fix build (git-fixes). - tpm: Clean up TPM space after command failure (git-fixes). - tracing: Avoid possible softlockup in tracing_iter_reset() (git-fixes). - tty: rp2: Fix reset with non forgiving PCIe host bridges (git-fixes). - udp: fix receiving fraglist GSO packets (git-fixes). - uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (git-fixes). - usb: cdnsp: Fix incorrect usb_request status (git-fixes). - USB: class: CDC-ACM: fix race between get_serial and set_serial (git-fixes). - usb: dwc2: drd: fix clock gating on USB role switch (git-fixes). - usb: dwc2: Skip clock gating on Broadcom SoCs (git-fixes). - usb: dwc3: core: Prevent USB core invalid event buffer address access (git-fixes). - usb: dwc3: core: Skip setting event buffers for host only controllers (git-fixes). - usb: dwc3: core: update LC timer as per USB Spec V3.2 (git-fixes). - usb: dwc3: core: update LC timer as per USB Spec V3.2 (stable-fixes). - usb: dwc3: omap: add missing depopulate in probe error path (git-fixes). - usb: dwc3: st: add missing depopulate in probe error path (git-fixes). - usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes). - usbip: Do not submit special requests twice (stable-fixes). - usbnet: fix cyclical race on disconnect with work queue (git-fixes). - usbnet: ipheth: race between ipheth_close and error handling (git-fixes). - usbnet: modern method to get random MAC (git-fixes). - USB: serial: kobil_sct: restore initial terminal settings (git-fixes). - USB: serial: option: add MeiG Smart SRM825L (git-fixes). - usb: typec: ucsi: Fix null pointer dereference in trace (stable-fixes). - usb: uas: set host status byte on data completion error (git-fixes). - usb: uas: set host status byte on data completion error (stable-fixes). - USB: usbtmc: prevent kernel-usb-infoleak (git-fixes). - usb: xhci: fix loss of data on Cadence xHC (git-fixes). - vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes). - vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes). - virito: add APIs for retrieving vq affinity (bsc#1229034). - virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes). - virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1229034). - virtio: blk/scs: replace blk_mq_virtio_map_queues with blk_mq_dev_map_queues (bsc#1229034). - virtiofs: forbid newlines in tags (bsc#1230591). - virtio_net: checksum offloading handling fix (git-fixes). - virtio_net: Fix ''%d' directive writing between 1 and 11 bytes into a region of size 10' warnings (git-fixes). - virtio_net: use u64_stats_t infra to avoid data-races (git-fixes). - virtio: reenable config if freezing device failed (git-fixes). - virtio/vsock: fix logic which reduces credit update messages (git-fixes). - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (git-fixes). - vsock/virtio: add support for device suspend/resume (git-fixes). - vsock/virtio: factor our the code to initialize and delete VQs (git-fixes). - vsock/virtio: initialize the_virtio_vsock before using VQs (git-fixes). - vsock/virtio: remove socket from connected/bound list on shutdown (git-fixes). - watchdog: imx_sc_wdt: Do not disable WDT in suspend (git-fixes). - wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3 (stable-fixes). - wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors (git-fixes). - wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() (git-fixes). - wifi: iwlwifi: mvm: increase the time between ranging measurements (git-fixes). - wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (git-fixes). - wifi: mt76: mt7615: check devm_kasprintf() returned value (git-fixes). - wifi: mt76: mt7915: fix rx filter setting for bfee functionality (git-fixes). - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() (stable-fixes). - wifi: rtw88: 8822c: Fix reported RX band width (git-fixes). - wifi: rtw88: always wait for both firmware loading attempts (git-fixes). - wifi: rtw88: remove CPT execution branch never used (git-fixes). - wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param (git-fixes). - x86/hyperv: fix kexec crash due to VP assist page corruption (git-fixes). - x86/kexec: Add EFI config table identity mapping for kexec kernel (bsc#1220382). - x86/mm/ident_map: Use gbpages only where full GB page should be mapped (bsc#1220382). - x86/xen: Convert comma to semicolon (git-fixes). - xen: add capability to remap non-RAM pages to different PFNs (bsc#1226003). - xen: allow mapping ACPI data using a different physical address (bsc#1226003). - xen: introduce generic helper checking for memory map conflicts (bsc#1226003). - xen: move checks for e820 conflicts further up (bsc#1226003). - xen: move max_pfn in xen_memory_setup() out of function scope (bsc#1226003). - xen/swiotlb: add alignment check for dma buffers (bsc#1229928). - xen/swiotlb: fix allocated size (git-fixes). - xen: tolerate ACPI NVS memory overlapping with Xen allocated memory (bsc#1226003). - xen: use correct end address of kernel for conflict checking (bsc#1226003). - xfs: do not include bnobt blocks when reserving free block pool (git-fixes). - xhci: Set quirky xHC PCI hosts to D3 _after_ stopping and freeing them (git-fixes). - xz: cleanup CRC32 edits from 2018 (git-fixes).

Affected Systems

• opensuse•kernel-default-base&distro=openSUSE Leap Micro 5.5

  < 5.14.21-150500.55.83.1.150500.6.37.1

• opensuse•kernel-default&distro=openSUSE Leap Micro 5.5

  < 5.14.21-150500.55.83.1

• suse•kernel-64kb&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5

  < 5.14.21-150500.55.83.1

• suse•kernel-default-base&distro=SUSE Linux Enterprise Micro 5.5

  < 5.14.21-150500.55.83.1.150500.6.37.1

• suse•kernel-default-base&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5

  < 5.14.21-150500.55.83.1.150500.6.37.1

• suse•kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP5

  < 5.14.21-150500.55.83.1

• suse•kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5

  < 5.14.21-150500.55.83.1

• suse•kernel-default&distro=SUSE Linux Enterprise Micro 5.5

  < 5.14.21-150500.55.83.1

• suse•kernel-default&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5

  < 5.14.21-150500.55.83.1

• suse•kernel-default&distro=SUSE Linux Enterprise Module for Legacy 15 SP5

  < 5.14.21-150500.55.83.1

• suse•kernel-default&distro=SUSE Linux Enterprise Workstation Extension 15 SP5

  < 5.14.21-150500.55.83.1

• suse•kernel-docs&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5

  < 5.14.21-150500.55.83.1

• suse•kernel-livepatch-SLE15-SP5_Update_20&distro=SUSE Linux Enterprise Live Patching 15 SP5

  < 1-150500.11.3.1

• suse•kernel-obs-build&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5

  < 5.14.21-150500.55.83.1

• suse•kernel-source&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5

  < 5.14.21-150500.55.83.1

• suse•kernel-source&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5

  < 5.14.21-150500.55.83.1

• suse•kernel-syms&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5

  < 5.14.21-150500.55.83.1

• suse•kernel-zfcpdump&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5

  < 5.14.21-150500.55.83.1

References (295)

• https://www.suse.com/support/update/announcement/2024/suse-su-20243569-1/
• https://bugzilla.suse.com/1199769
• https://bugzilla.suse.com/1216223
• https://bugzilla.suse.com/1220382
• https://bugzilla.suse.com/1221610
• https://bugzilla.suse.com/1221650
• https://bugzilla.suse.com/1222629
• https://bugzilla.suse.com/1222973
• https://bugzilla.suse.com/1223600
• https://bugzilla.suse.com/1223848
• https://bugzilla.suse.com/1224085
• https://bugzilla.suse.com/1225903
• https://bugzilla.suse.com/1226003
• https://bugzilla.suse.com/1226606
• https://bugzilla.suse.com/1226662
• https://bugzilla.suse.com/1226666
• https://bugzilla.suse.com/1226846
• https://bugzilla.suse.com/1226860
• https://bugzilla.suse.com/1226875
• https://bugzilla.suse.com/1226915
• https://bugzilla.suse.com/1227487
• https://bugzilla.suse.com/1227726
• https://bugzilla.suse.com/1227819
• https://bugzilla.suse.com/1227832
• https://bugzilla.suse.com/1227890
• https://bugzilla.suse.com/1228507
• https://bugzilla.suse.com/1228576
• https://bugzilla.suse.com/1228620
• https://bugzilla.suse.com/1228771
• https://bugzilla.suse.com/1229031
• https://bugzilla.suse.com/1229034
• https://bugzilla.suse.com/1229086
• https://bugzilla.suse.com/1229156
• https://bugzilla.suse.com/1229289
• https://bugzilla.suse.com/1229334
• https://bugzilla.suse.com/1229362
• https://bugzilla.suse.com/1229363
• https://bugzilla.suse.com/1229364
• https://bugzilla.suse.com/1229394
• https://bugzilla.suse.com/1229429
• https://bugzilla.suse.com/1229453
• https://bugzilla.suse.com/1229572
• https://bugzilla.suse.com/1229573
• https://bugzilla.suse.com/1229585
• https://bugzilla.suse.com/1229607
• https://bugzilla.suse.com/1229619
• https://bugzilla.suse.com/1229633
• https://bugzilla.suse.com/1229662
• https://bugzilla.suse.com/1229753
• https://bugzilla.suse.com/1229764
• https://bugzilla.suse.com/1229790
• https://bugzilla.suse.com/1229810
• https://bugzilla.suse.com/1229830
• https://bugzilla.suse.com/1229899
• https://bugzilla.suse.com/1229928
• https://bugzilla.suse.com/1229947
• https://bugzilla.suse.com/1230015
• https://bugzilla.suse.com/1230129
• https://bugzilla.suse.com/1230130
• https://bugzilla.suse.com/1230170
• https://bugzilla.suse.com/1230171
• https://bugzilla.suse.com/1230174
• https://bugzilla.suse.com/1230175
• https://bugzilla.suse.com/1230176
• https://bugzilla.suse.com/1230178
• https://bugzilla.suse.com/1230180
• https://bugzilla.suse.com/1230185
• https://bugzilla.suse.com/1230192
• https://bugzilla.suse.com/1230193
• https://bugzilla.suse.com/1230194
• https://bugzilla.suse.com/1230200
• https://bugzilla.suse.com/1230204
• https://bugzilla.suse.com/1230209
• https://bugzilla.suse.com/1230211
• https://bugzilla.suse.com/1230212
• https://bugzilla.suse.com/1230217
• https://bugzilla.suse.com/1230224
• https://bugzilla.suse.com/1230230
• https://bugzilla.suse.com/1230233
• https://bugzilla.suse.com/1230244
• https://bugzilla.suse.com/1230245
• https://bugzilla.suse.com/1230247
• https://bugzilla.suse.com/1230248
• https://bugzilla.suse.com/1230269
• https://bugzilla.suse.com/1230339
• https://bugzilla.suse.com/1230340
• https://bugzilla.suse.com/1230392
• https://bugzilla.suse.com/1230398
• https://bugzilla.suse.com/1230431
• https://bugzilla.suse.com/1230433
• https://bugzilla.suse.com/1230434
• https://bugzilla.suse.com/1230440
• https://bugzilla.suse.com/1230442
• https://bugzilla.suse.com/1230444
• https://bugzilla.suse.com/1230450
• https://bugzilla.suse.com/1230451
• https://bugzilla.suse.com/1230454
• https://bugzilla.suse.com/1230506
• https://bugzilla.suse.com/1230507
• https://bugzilla.suse.com/1230511
• https://bugzilla.suse.com/1230515
• https://bugzilla.suse.com/1230517
• https://bugzilla.suse.com/1230524
• https://bugzilla.suse.com/1230533
• https://bugzilla.suse.com/1230535
• https://bugzilla.suse.com/1230549
• https://bugzilla.suse.com/1230556
• https://bugzilla.suse.com/1230582
• https://bugzilla.suse.com/1230589
• https://bugzilla.suse.com/1230591
• https://bugzilla.suse.com/1230592
• https://bugzilla.suse.com/1230699
• https://bugzilla.suse.com/1230700
• https://bugzilla.suse.com/1230701
• https://bugzilla.suse.com/1230702
• https://bugzilla.suse.com/1230703
• https://bugzilla.suse.com/1230705
• https://bugzilla.suse.com/1230706
• https://bugzilla.suse.com/1230707
• https://bugzilla.suse.com/1230709
• https://bugzilla.suse.com/1230710
• https://bugzilla.suse.com/1230711
• https://bugzilla.suse.com/1230712
• https://bugzilla.suse.com/1230719
• https://bugzilla.suse.com/1230724
• https://bugzilla.suse.com/1230725
• https://bugzilla.suse.com/1230730
• https://bugzilla.suse.com/1230731
• https://bugzilla.suse.com/1230732
• https://bugzilla.suse.com/1230733
• https://bugzilla.suse.com/1230747
• https://bugzilla.suse.com/1230748
• https://bugzilla.suse.com/1230751
• https://bugzilla.suse.com/1230752
• https://bugzilla.suse.com/1230756
• https://bugzilla.suse.com/1230761
• https://bugzilla.suse.com/1230766
• https://bugzilla.suse.com/1230767
• https://bugzilla.suse.com/1230768
• https://bugzilla.suse.com/1230771
• https://bugzilla.suse.com/1230772
• https://bugzilla.suse.com/1230776
• https://bugzilla.suse.com/1230783
• https://bugzilla.suse.com/1230786
• https://bugzilla.suse.com/1230791
• https://bugzilla.suse.com/1230794
• https://bugzilla.suse.com/1230796
• https://bugzilla.suse.com/1230802
• https://bugzilla.suse.com/1230806
• https://bugzilla.suse.com/1230808
• https://bugzilla.suse.com/1230810
• https://bugzilla.suse.com/1230812
• https://bugzilla.suse.com/1230813
• https://bugzilla.suse.com/1230814
• https://bugzilla.suse.com/1230815
• https://bugzilla.suse.com/1230821
• https://bugzilla.suse.com/1230825
• https://bugzilla.suse.com/1230830
• https://bugzilla.suse.com/1231013
• https://bugzilla.suse.com/1231017
• https://bugzilla.suse.com/1231116
• https://bugzilla.suse.com/1231120
• https://bugzilla.suse.com/1231146
• https://bugzilla.suse.com/1231180
• https://bugzilla.suse.com/1231181
• https://www.suse.com/security/cve/CVE-2022-48901
• https://www.suse.com/security/cve/CVE-2022-48911
• https://www.suse.com/security/cve/CVE-2022-48923
• https://www.suse.com/security/cve/CVE-2022-48935
• https://www.suse.com/security/cve/CVE-2022-48944
• https://www.suse.com/security/cve/CVE-2022-48945
• https://www.suse.com/security/cve/CVE-2023-52610
• https://www.suse.com/security/cve/CVE-2023-52916
• https://www.suse.com/security/cve/CVE-2024-26640
• https://www.suse.com/security/cve/CVE-2024-26759
• https://www.suse.com/security/cve/CVE-2024-26767
• https://www.suse.com/security/cve/CVE-2024-26804
• https://www.suse.com/security/cve/CVE-2024-26837
• https://www.suse.com/security/cve/CVE-2024-37353
• https://www.suse.com/security/cve/CVE-2024-38538
• https://www.suse.com/security/cve/CVE-2024-38596
• https://www.suse.com/security/cve/CVE-2024-38632
• https://www.suse.com/security/cve/CVE-2024-40910
• https://www.suse.com/security/cve/CVE-2024-40973
• https://www.suse.com/security/cve/CVE-2024-40983
• https://www.suse.com/security/cve/CVE-2024-41062
• https://www.suse.com/security/cve/CVE-2024-41082
• https://www.suse.com/security/cve/CVE-2024-42154
• https://www.suse.com/security/cve/CVE-2024-42259
• https://www.suse.com/security/cve/CVE-2024-42265
• https://www.suse.com/security/cve/CVE-2024-42304
• https://www.suse.com/security/cve/CVE-2024-42305
• https://www.suse.com/security/cve/CVE-2024-42306
• https://www.suse.com/security/cve/CVE-2024-43828
• https://www.suse.com/security/cve/CVE-2024-43835
• https://www.suse.com/security/cve/CVE-2024-43890
• https://www.suse.com/security/cve/CVE-2024-43898
• https://www.suse.com/security/cve/CVE-2024-43912
• https://www.suse.com/security/cve/CVE-2024-43914
• https://www.suse.com/security/cve/CVE-2024-44935
• https://www.suse.com/security/cve/CVE-2024-44944
• https://www.suse.com/security/cve/CVE-2024-44946
• https://www.suse.com/security/cve/CVE-2024-44948
• https://www.suse.com/security/cve/CVE-2024-44950
• https://www.suse.com/security/cve/CVE-2024-44952
• https://www.suse.com/security/cve/CVE-2024-44954
• https://www.suse.com/security/cve/CVE-2024-44967
• https://www.suse.com/security/cve/CVE-2024-44969
• https://www.suse.com/security/cve/CVE-2024-44970
• https://www.suse.com/security/cve/CVE-2024-44971
• https://www.suse.com/security/cve/CVE-2024-44972
• https://www.suse.com/security/cve/CVE-2024-44977
• https://www.suse.com/security/cve/CVE-2024-44982
• https://www.suse.com/security/cve/CVE-2024-44986
• https://www.suse.com/security/cve/CVE-2024-44987
• https://www.suse.com/security/cve/CVE-2024-44988
• https://www.suse.com/security/cve/CVE-2024-44989
• https://www.suse.com/security/cve/CVE-2024-44990
• https://www.suse.com/security/cve/CVE-2024-44998
• https://www.suse.com/security/cve/CVE-2024-44999
• https://www.suse.com/security/cve/CVE-2024-45000
• https://www.suse.com/security/cve/CVE-2024-45001
• https://www.suse.com/security/cve/CVE-2024-45003
• https://www.suse.com/security/cve/CVE-2024-45006
• https://www.suse.com/security/cve/CVE-2024-45007
• https://www.suse.com/security/cve/CVE-2024-45008
• https://www.suse.com/security/cve/CVE-2024-45011
• https://www.suse.com/security/cve/CVE-2024-45013
• https://www.suse.com/security/cve/CVE-2024-45015
• https://www.suse.com/security/cve/CVE-2024-45018
• https://www.suse.com/security/cve/CVE-2024-45020
• https://www.suse.com/security/cve/CVE-2024-45021
• https://www.suse.com/security/cve/CVE-2024-45026
• https://www.suse.com/security/cve/CVE-2024-45028
• https://www.suse.com/security/cve/CVE-2024-45029
• https://www.suse.com/security/cve/CVE-2024-46673
• https://www.suse.com/security/cve/CVE-2024-46674
• https://www.suse.com/security/cve/CVE-2024-46675
• https://www.suse.com/security/cve/CVE-2024-46676
• https://www.suse.com/security/cve/CVE-2024-46677
• https://www.suse.com/security/cve/CVE-2024-46679
• https://www.suse.com/security/cve/CVE-2024-46685
• https://www.suse.com/security/cve/CVE-2024-46686
• https://www.suse.com/security/cve/CVE-2024-46689
• https://www.suse.com/security/cve/CVE-2024-46694
• https://www.suse.com/security/cve/CVE-2024-46702
• https://www.suse.com/security/cve/CVE-2024-46707
• https://www.suse.com/security/cve/CVE-2024-46714
• https://www.suse.com/security/cve/CVE-2024-46715
• https://www.suse.com/security/cve/CVE-2024-46717
• https://www.suse.com/security/cve/CVE-2024-46720
• https://www.suse.com/security/cve/CVE-2024-46721
• https://www.suse.com/security/cve/CVE-2024-46722
• https://www.suse.com/security/cve/CVE-2024-46723
• https://www.suse.com/security/cve/CVE-2024-46724
• https://www.suse.com/security/cve/CVE-2024-46725
• https://www.suse.com/security/cve/CVE-2024-46726
• https://www.suse.com/security/cve/CVE-2024-46727
• https://www.suse.com/security/cve/CVE-2024-46728
• https://www.suse.com/security/cve/CVE-2024-46730
• https://www.suse.com/security/cve/CVE-2024-46731
• https://www.suse.com/security/cve/CVE-2024-46732
• https://www.suse.com/security/cve/CVE-2024-46737
• https://www.suse.com/security/cve/CVE-2024-46738
• https://www.suse.com/security/cve/CVE-2024-46739
• https://www.suse.com/security/cve/CVE-2024-46743
• https://www.suse.com/security/cve/CVE-2024-46744
• https://www.suse.com/security/cve/CVE-2024-46745
• https://www.suse.com/security/cve/CVE-2024-46746
• https://www.suse.com/security/cve/CVE-2024-46747
• https://www.suse.com/security/cve/CVE-2024-46750
• https://www.suse.com/security/cve/CVE-2024-46751
• https://www.suse.com/security/cve/CVE-2024-46752
• https://www.suse.com/security/cve/CVE-2024-46753
• https://www.suse.com/security/cve/CVE-2024-46755
• https://www.suse.com/security/cve/CVE-2024-46756
• https://www.suse.com/security/cve/CVE-2024-46758
• https://www.suse.com/security/cve/CVE-2024-46759
• https://www.suse.com/security/cve/CVE-2024-46761
• https://www.suse.com/security/cve/CVE-2024-46771
• https://www.suse.com/security/cve/CVE-2024-46772
• https://www.suse.com/security/cve/CVE-2024-46773
• https://www.suse.com/security/cve/CVE-2024-46774
• https://www.suse.com/security/cve/CVE-2024-46778
• https://www.suse.com/security/cve/CVE-2024-46780
• https://www.suse.com/security/cve/CVE-2024-46781
• https://www.suse.com/security/cve/CVE-2024-46783
• https://www.suse.com/security/cve/CVE-2024-46784
• https://www.suse.com/security/cve/CVE-2024-46786
• https://www.suse.com/security/cve/CVE-2024-46787
• https://www.suse.com/security/cve/CVE-2024-46791
• https://www.suse.com/security/cve/CVE-2024-46794
• https://www.suse.com/security/cve/CVE-2024-46798
• https://www.suse.com/security/cve/CVE-2024-46822
• https://www.suse.com/security/cve/CVE-2024-46830