SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2894-1)

high Nessus Plugin ID 205493

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2894-1 advisory.

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2021-47086: phonet/pep: refuse to enable an unbound pipe (bsc#1220952).
- CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010).
- CVE-2021-47186: tipc: check for null after calling kmemdup (bsc#1222702).
- CVE-2021-47546: Kabi fix for ipv6: fix memory leak in fib6_rule_suppress (bsc#1225504).
- CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505).
- CVE-2021-47588: sit: do not call ipip6_dev_free() from sit_init_net() (bsc#1226568).
- CVE-2021-47590: mptcp: fix deadlock in __mptcp_push_pending() (bsc#1226565).
- CVE-2021-47591: mptcp: remove tcp ulp setsockopt support (bsc#1226570).
- CVE-2021-47593: mptcp: clear 'kern' flag from fallback sockets (bsc#1226551).
- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1226574).
- CVE-2021-47599: btrfs: use latest_dev in btrfs_show_devname (bsc#1226571)
- CVE-2021-47606: net: netlink: af_netlink: Prevent empty skb by adding a check on len (bsc#1226555).
- CVE-2021-47623: powerpc/fixmap: Fix VM debug warning on unmap (bsc#1227919).
- CVE-2022-48785: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr() (bsc#1227927)
- CVE-2022-48810: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path (bsc#1227936).
- CVE-2022-48850: net-sysfs: add check for netdevice being present to speed_show (bsc#1228071)
- CVE-2022-48855: sctp: fix kernel-infoleak for SCTP sockets (bsc#1228003).
- CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
- CVE-2023-52573: net: rds: Fix possible NULL-pointer dereference (bsc#1220869)
- CVE-2023-52580: net/core: Fix ETH_P_1588 flow dissector (bsc#1220876).
- CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489).
- CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088).
- CVE-2023-52812: drm/amd: check num of link levels when update pcie param (bsc#1225564).
- CVE-2023-52857: drm/mediatek: Fix coverity issue with unintentional integer overflow (bsc#1225581).
- CVE-2023-52863: hwmon: (axi-fan-control) Fix possible NULL pointer dereference (bsc#1225586).
- CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
- CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).
- CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
- CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
- CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
- CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).
- CVE-2024-26661: drm/amd/display: Add NULL test for 'timing generator' in (bsc#1222323)
- CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326).
- CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328).
- CVE-2024-26802: stmmac: Clear variable when destroying workqueue (bsc#1222799).
- CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
- CVE-2024-26961: mac802154: fix llsec key resources release in mac802154_llsec_key_del (bsc#1223652).
- CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806).
- CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813)
- CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815)
- CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)
- CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836).
- CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414).
- CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625).
- CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
- CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683).
- CVE-2024-35837: net: mvpp2: clear BM pool before initialization (bsc#1224500).
- CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (bsc#1224604).
- CVE-2024-35889: idpf: fix kernel panic on unknown packet types (bsc#1224517).
- CVE-2024-35890: gro: fix ownership transfer (bsc#1224516).
- CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)
- CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before exit_net release (bsc#1224499)
- CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641)
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700)
- CVE-2024-35961: net/mlx5: Restore mistakenly dropped parts in register devlink flow (bsc#1224585).
- CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).
- CVE-2024-35995: ACPI: CPPC: Fix access width used for PCC registers (bsc#1224557).
- CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (bsc#1224548).
- CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545)
- CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)
- CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719).
- CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted (bsc#1225744).
- CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717).
- CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).
- CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752).
- CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails (bsc#1225753).
- CVE-2024-36914: drm/amd/display: Skip on writeback when it's not applicable (bsc#1225757).
- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
- CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
- CVE-2024-36939: nfs: Handle error of rpc_proc_register() in nfs_net_init() (bsc#1225838).
- CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation (bsc#1225851).
- CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519).
- CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
- CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).
- CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775).
- CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750).
- CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
- CVE-2024-38628: usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (bsc#1226911).
- CVE-2024-39276: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (bsc#1226993).
- CVE-2024-39371: io_uring: check for non-NULL file pointer in io_file_can_poll() (bsc#1226990).
- CVE-2024-39463: 9p: add missing locking around taking dentry fid list (bsc#1227090).
- CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432).
- CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447).
- CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573)
- CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626).
- CVE-2024-39493: crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (bsc#1227620).
- CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
- CVE-2024-39497: drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (bsc#1227722)
- CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755).
- CVE-2024-39506: liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729).
- CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).
- CVE-2024-39508: io_uring/io-wq: Use set_bit() and test_bit() at worker->flags (bsc#1227732).
- CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).
- CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763).
- CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783).
- CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1227798).
- CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (bsc#1227779).
- CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).
- CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780).
- CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797).
- CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
- CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800).
- CVE-2024-40943: ocfs2: fix races between hole punching and AIO+DIO (bsc#1227849).
- CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-40958: netns: Make get_net_ns() handle zero refcount net (bsc#1227812).
- CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884).
- CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813).
- CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init() (bsc#1227814).
- CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).
- CVE-2024-40967: serial: imx: Introduce timeout when waiting on transmitter empty (bsc#1227891).
- CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899).
- CVE-2024-40972: ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (bsc#1227910).
- CVE-2024-40977: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (bsc#1227950).
- CVE-2024-40982: ssb: Fix potential NULL pointer dereference in ssb_device_uevent() (bsc#1227865).
- CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823).
- CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store (bsc#1227829).
- CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (bsc#1227866).
- CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).
- CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry() (bsc#1227862).
- CVE-2024-41009: selftests/bpf: Add more ring buffer test coverage (bsc#1228020).
- CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
- CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405).
- CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408).
- CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409).
- CVE-2024-41016: ocfs2: add bounds checking to ocfs2_xattr_find_entry() (bsc#1228410).
- CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403).
- CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518)
- CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520)
- CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530).
- CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565)
- CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462).
- CVE-2024-41058: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459).
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561).
- CVE-2024-41063: Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (bsc#1228580)
- CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599).
- CVE-2024-41066: ibmvnic: Add tx check to prevent skb leak (bsc#1228640).
- CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
- CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581).
- CVE-2024-41071: wifi: mac80211: Avoid address calculations via out of bounds array indexing (bsc#1228625).
- CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655).
- CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617)
- CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
- CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).
- CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470)
- CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672).
- CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680).
- CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633).
- CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc (bsc#1228591)
- CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705)
- CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743)
- CVE-2024-42161: Avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756).
- CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723)
- CVE-2024-42230: powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).

The following non-security bugs were fixed:

- ACPI: EC: Abort address space access upon error (stable-fixes).
- ACPI: EC: Avoid returning AE_OK on errors in address space handler (stable-fixes).
- ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (git-fixes).
- ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (stable-fixes).
- ACPI: x86: Force StorageD3Enable on more products (stable-fixes).
- ACPI: x86: utils: Add Picasso to the list for forcing StorageD3Enable (stable-fixes).
- ALSA: dmaengine_pcm: terminate dmaengine before synchronize (stable-fixes).
- ALSA: dmaengine: Synchronize dma channel after drop() (stable-fixes).
- ALSA: emux: improve patch ioctl data validation (stable-fixes).
- ALSA: hda: conexant: Fix headset auto detect fail in the polling mode (git-fixes).
- ALSA: hda/realtek: Add more codec ID to no shutup pins list (stable-fixes).
- ALSA: hda/realtek: add quirk for Clevo V5[46]0TU (stable-fixes).
- ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).
- ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (stable-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP 250 G7 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for EliteBook 645/665 G11 (stable-fixes).
- ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 (stable-fixes).
- ALSA: hda/realtek: Limit mic boost on VAIO PRO PX (stable-fixes).
- ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx (stable-fixes).
- ALSA: pcm_dmaengine: Do not synchronize DMA channel when DMA is paused (git-fixes).
- ALSA: usb-audio: Add a quirk for Sonix HD USB Camera (stable-fixes).
- ALSA: usb-audio: Correct surround channels in UAC1 channel map (git-fixes).
- ALSA: usb-audio: Fix microphone sound on HD webcam (stable-fixes).
- ALSA: usb-audio: Move HD Webcam quirk to the right place (git-fixes).
- arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)
- arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)
- arm64: dts: imx8qm-mek: fix gpio number for reg_usdhc2_vmmc (git-fixes)
- arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)
- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
- arm64: dts: rockchip: Add sound-dai-cells for RK3368 (git-fixes)
- arm64: dts: rockchip: fix PMIC interrupt pin on ROCK Pi E (git-fixes)
- arm64/io: add constant-argument check (bsc#1226502 git-fixes)
- arm64/io: Provide a WC friendly __iowriteXX_copy() (bsc#1226502)
- arm64: tegra: Correct Tegra132 I2C alias (git-fixes)
- ASoC: amd: Adjust error handling in case of absent codec device (git-fixes).
- ASoC: max98088: Check for clk_prepare_enable() error (git-fixes).
- ASoC: ti: davinci-mcasp: Set min period size using FIFO config (stable-fixes).
- ASoC: ti: omap-hdmi: Fix too long driver name (stable-fixes).
- batman-adv: bypass empty buckets in batadv_purge_orig_ref() (stable-fixes).
- blk-cgroup: dropping parent refcount after pd_free_fn() is done (bsc#1224573).
- block: do not add partitions if GD_SUPPRESS_PART_SCAN is set (bsc#1227162).
- block, loop: support partitions without scanning (bsc#1227162).
- Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl (stable-fixes).
- Bluetooth: btqca: use le32_to_cpu for ver.soc_id (stable-fixes).
- Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (stable-fixes).
- Bluetooth: hci_qca: mark OF related data as maybe unused (stable-fixes).
- Bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes).
- Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot (git-fixes).
- bnxt_re: Fix imm_data endianness (git-fixes)
- bpf: aggressively forget precise markings during state checkpointing (bsc#1225903).
- bpf: allow precision tracking for programs with subprogs (bsc#1225903).
- bpf: check bpf_func_state->callback_depth when pruning states (bsc#1225903).
- bpf: clean up visit_insn()'s instruction processing (bsc#1225903).
- bpf: correct loop detection for iterators convergence (bsc#1225903).
- bpf: encapsulate precision backtracking bookkeeping (bsc#1225903).
- bpf: ensure state checkpointing at iter_next() call sites (bsc#1225903).
- bpf: exact states comparison for iterator convergence checks (bsc#1225903).
- bpf: extract __check_reg_arg() utility function (bsc#1225903).
- bpf: extract same_callsites() as utility function (bsc#1225903).
- bpf: extract setup_func_entry() utility function (bsc#1225903).
- bpf: fix calculation of subseq_idx during precision backtracking (bsc#1225903).
- bpf: fix mark_all_scalars_precise use in mark_chain_precision (bsc#1225903).
- bpf: Fix memory leaks in __check_func_call (bsc#1225903).
- bpf: fix propagate_precision() logic for inner frames (bsc#1225903).
- bpf: fix regs_exact() logic in regsafe() to remap IDs correctly (bsc#1225903).
- bpf: Fix to preserve reg parent/live fields when copying range info (bsc#1225903).
- bpf: generalize MAYBE_NULL vs non-MAYBE_NULL rule (bsc#1225903).
- bpf: improve precision backtrack logging (bsc#1225903).
- bpf: Improve verifier u32 scalar equality checking (bsc#1225903).
- bpf: keep track of max number of bpf_loop callback iterations (bsc#1225903).
- bpf: maintain bitmasks across all active frames in __mark_chain_precision (bsc#1225903).
- bpf: mark relevant stack slots scratched for register read instructions (bsc#1225903).
- bpf: move explored_state() closer to the beginning of verifier.c (bsc#1225903).
- bpf: perform byte-by-byte comparison only when necessary in regsafe() (bsc#1225903).
- bpf: print full verifier states on infinite loop detection (bsc#1225903).
- bpf: regsafe() must not skip check_ids() (bsc#1225903).
- bpf: reject non-exact register type matches in regsafe() (bsc#1225903).
- bpf: Remove unused insn_cnt argument from visit_[func_call_]insn() (bsc#1225903).
- bpf: reorganize struct bpf_reg_state fields (bsc#1225903).
- bpf: Skip invalid kfunc call in backtrack_insn (bsc#1225903).
- bpf: states_equal() must build idmap for all function frames (bsc#1225903).
- bpf: stop setting precise in current state (bsc#1225903).
- bpf: support precision propagation in the presence of subprogs (bsc#1225903).
- bpf: take into account liveness when propagating precision (bsc#1225903).
- bpf: teach refsafe() to take into account ID remapping (bsc#1225903).
- bpf: unconditionally reset backtrack_state masks on global func exit (bsc#1225903).
- bpf: use check_ids() for active_lock comparison (bsc#1225903).
- bpf: Use scalar ids in mark_chain_precision() (bsc#1225903).
- bpf: verify callbacks as if they are called unknown number of times (bsc#1225903).
- bpf: Verify scalar ids mapping in regsafe() using check_ids() (bsc#1225903).
- bpf: widening for callback iterators (bsc#1225903).
- btrfs: add device major-minor info in the struct btrfs_device (bsc#1227162).
- btrfs: harden identification of a stale device (bsc#1227162).
- btrfs: match stale devices by dev_t (bsc#1227162).
- btrfs: remove the cross file system checks from remap (bsc#1227157).
- btrfs: use dev_t to match device in device_matched (bsc#1227162).
- btrfs: validate device maj:min during open (bsc#1227162).
- bytcr_rt5640 : inverse jack detect for Archos 101 cesium (stable-fixes).
- cachefiles: add output string to cachefiles_obj_[get|put]_ondemand_fd (git-fixes).
- can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct (git-fixes).
- can: kvaser_usb: fix return value for hif_usb_send_regout (stable-fixes).
- ceph: fix incorrect kmalloc size of pagevec mempool (bsc#1228418).
- cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801).
- checkpatch: really skip LONG_LINE_* when LONG_LINE is ignored (git-fixes).
- crypto: aead,cipher - zeroize key buffer after use (stable-fixes).
- crypto: ecdh - explicitly zeroize private_key (stable-fixes).
- crypto: ecdsa - Fix the public key format description (git-fixes).
- crypto: hisilicon/sec - Fix memory leak for sec resource release (stable-fixes).
- csky: ftrace: Drop duplicate implementation of arch_check_ftrace_location() (git-fixes).
- decompress_bunzip2: fix rare decompression failure (git-fixes).
- devres: Fix devm_krealloc() wasting memory (git-fixes).
- devres: Fix memory leakage caused by driver API devm_free_percpu() (git-fixes).
- dma: fix call order in dmam_free_coherent (git-fixes).
- docs: crypto: async-tx-api: fix broken code example (git-fixes).
- docs: Fix formatting of literal sections in fanotify docs (stable-fixes).
- drm/amd/amdgpu: Fix style errors in amdgpu_drv.c & amdgpu_device.c (stable-fixes).
- drm/amd/display: Account for cursor prefetch BW in DML1 mode support (stable-fixes).
- drm/amd/display: Check for NULL pointer (stable-fixes).
- drm/amd/display: Check index msg_id before read or write (stable-fixes).
- drm/amd/display: Check pipe offset before setting vblank (stable-fixes).
- drm/amd/display: Skip finding free audio for unknown engine_id (stable-fixes).
- drm/amdgpu/atomfirmware: fix parsing of vram_info (stable-fixes).
- drm/amdgpu/atomfirmware: silence UBSAN warning (stable-fixes).
- drm/amdgpu: avoid using null object of framebuffer (stable-fixes).
- drm/amdgpu: Check if NBIO funcs are NULL in amdgpu_device_baco_exit (git-fixes).
- drm/amdgpu: Fix pci state save during mode-1 reset (git-fixes).
- drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (git-fixes).
- drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes).
- drm/amdgpu: Fix uninitialized variable warnings (stable-fixes).
- drm/amdgpu: Initialize timestamp for some legacy SOCs (stable-fixes).
- drm/amdgpu: Remove GC HW IP 9.3.0 from noretry=1 (git-fixes).
- drm/amd/pm: Fix aldebaran pcie speed reporting (git-fixes).
- drm/amd/pm: remove logically dead code for renoir (git-fixes).
- drm/dp_mst: Fix all mstb marked as not probed after suspend/resume (git-fixes).
- drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes).
- drm/etnaviv: fix DMA direction handling for cached RW buffers (git-fixes).
- drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (git-fixes).
- drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (git-fixes).
- drm/i915/gt: Do not consider preemption during execlists_dequeue for gen8 (git-fixes).
- drm/lima: fix shared irq handling on driver remove (stable-fixes).
- drm/lima: Mark simple_ondemand governor as softdep (git-fixes).
- drm/mediatek: Add OVL compatible name for MT8195 (git-fixes).
- drm/meson: fix canvas release in bind function (git-fixes).
- drm/mgag200: Bind I2C lifetime to DRM device (git-fixes).
- drm/mgag200: Set DDC timeout in milliseconds (git-fixes).
- drm/mipi-dsi: Fix mipi_dsi_dcs_write_seq() macro definition format (stable-fixes).
- drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_dcs_write_seq() (git-fixes).
- drm/msm/dpu: drop validity checks for clear_pending_flush() ctl op (git-fixes).
- drm/msm/mdp5: Remove MDP_CAP_SRC_SPLIT from msm8x53_config (git-fixes).
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (stable-fixes).
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (stable-fixes).
- drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (git-fixes).
- drm/nouveau: prime: fix refcount underflow (git-fixes).
- drm/panel: boe-tv101wum-nl6: Check for errors on the NOP in prepare() (git-fixes).
- drm/panel: boe-tv101wum-nl6: If prepare fails, disable GPIO before regulators (git-fixes).
- drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for Valve Galileo (stable-fixes).
- drm/panfrost: Mark simple_ondemand governor as softdep (git-fixes).
- drm/qxl: Add check for drm_cvt_mode (git-fixes).
- drm/radeon: check bo_va->bo is non-NULL before using it (stable-fixes).
- drm/radeon/radeon_display: Decrease the size of allocated memory (stable-fixes).
- drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes).
- drm/vmwgfx: Fix missing HYPERVISOR_GUEST dependency (stable-fixes).
- drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes).
- eeprom: digsy_mtc: Fix 93xx46 driver probe failure (git-fixes).
- exfat: check if cluster num is valid (git-fixes).
- exfat: simplify is_valid_cluster() (git-fixes).
- filelock: add a new locks_inode_context accessor function (git-fixes).
- firmware: cs_dsp: Fix overflow checking of wmfw header (git-fixes).
- firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (git-fixes).
- firmware: cs_dsp: Return error if block header overflows file (git-fixes).
- firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (git-fixes).
- firmware: cs_dsp: Validate payload length before processing block (git-fixes).
- firmware: dmi: Stop decoding on broken entry (stable-fixes).
- firmware: turris-mox-rwtm: Do not complete if there are no waiters (git-fixes).
- firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (git-fixes).
- firmware: turris-mox-rwtm: Initialize completion before mailbox (git-fixes).
- fix build warning
- fs: allow cross-vfsmount reflink/dedupe (bsc#1227157).
- ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).
- fuse: verify {g,u}id mount options correctly (bsc#1228191).
- gpio: mc33880: Convert comma to semicolon (git-fixes).
- hfsplus: fix to avoid false alarm of circular locking (git-fixes).
- hfsplus: fix uninit-value in copy_name (git-fixes).
- HID: Add quirk for Logitech Casa touchpad (stable-fixes).
- HID: wacom: Modify pen IDs (git-fixes).
- hpet: Support 32-bit userspace (git-fixes).
- hwmon: (adt7475) Fix default duty on fan is disabled (git-fixes).
- hwmon: (max6697) Fix swapped temp{1,8} critical alarms (git-fixes).
- hwmon: (max6697) Fix underflow when writing limit attributes (git-fixes).
- i2c: mark HostNotify target address as used (git-fixes).
- i2c: rcar: bring hardware to known state when probing (git-fixes).
- i2c: tegra: Fix failure during probe deferral cleanup (git-fixes)
- i2c: tegra: Share same DMA channel for RX and TX (bsc#1227661)
- i2c: testunit: avoid re-issued work after read message (git-fixes).
- i2c: testunit: correct Kconfig description (git-fixes).
- Input: elan_i2c - do not leave interrupt disabled on suspend failure (git-fixes).
- Input: elantech - fix touchpad state on resume for Lenovo N24 (stable-fixes).
- Input: ff-core - prefer struct_size over open coded arithmetic (stable-fixes).
- Input: qt1050 - handle CHIP_ID reading error (git-fixes).
- Input: silead - Always support 10 fingers (stable-fixes).
- intel_th: pci: Add Granite Rapids SOC support (stable-fixes).
- intel_th: pci: Add Granite Rapids support (stable-fixes).
- intel_th: pci: Add Lunar Lake support (stable-fixes).
- intel_th: pci: Add Meteor Lake-S support (stable-fixes).
- intel_th: pci: Add Sapphire Rapids SOC support (stable-fixes).
- iommu/arm-smmu-v3: Free MSIs in case of ENOMEM (git-fixes).
- ionic: clean interrupt before enabling queue to avoid credit race (git-fixes).
- jffs2: Fix potential illegal address access in jffs2_free_inode (git-fixes).
- jfs: Fix array-index-out-of-bounds in diFree (git-fixes).
- jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227383).
- kABI: bpf: bpf_reg_state reorganization kABI workaround (bsc#1225903).
- kABI: bpf: callback fixes kABI workaround (bsc#1225903).
- kABI: bpf: struct bpf_{idmap,idset} kABI workaround (bsc#1225903).
- kABI: bpf: tmp_str_buf kABI workaround (bsc#1225903).
- kABI: rtas: Workaround false positive due to lost definition (bsc#1227487).
- kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783)
- kabi/severities: Ignore tpm_tis_core_init (bsc#1082555).
- kabi/severity: add nvme common code The nvme common code is also allowed to change the data structures, there are only internal users.
- kabi: Use __iowriteXX_copy_inlined for in-kernel modules (bsc#1226502)
- kernel-binary: vdso: Own module_dir
- kernel/sched: Remove dl_boosted flag comment (git fixes (sched)).
- knfsd: LOOKUP can return an illegal error value (git-fixes).
- kobject_uevent: Fix OOB access within zap_modalias_env() (git-fixes).
- kprobes: Make arch_check_ftrace_location static (git-fixes).
- KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).
- KVM: PPC: Book3S HV: Fix 'rm_exit' entry in debugfs timings (bsc#1194869).
- KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3 (bsc#1194869).
- KVM: PPC: Book3S HV Nested: L2 LPCR should inherit L1 LPES setting (bsc#1194869).
- KVM: PPC: Book3S HV: remove extraneous asterisk from rm_host_ipi_action() comment (bsc#1194869).
- KVM: PPC: Book3S: Suppress failed alloc warning in H_COPY_TOFROM_GUEST (bsc#1194869).
- KVM: PPC: Book3S: Suppress warnings when allocating too big memory slots (bsc#1194869).
- KVM: s390: fix LPSWEY handling (bsc#1227635 git-fixes).
- KVM: SVM: Process ICR on AVIC IPI delivery failure due to invalid target (git-fixes).
- KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).
- KVM: x86: Add IBPB_BRTYPE support (bsc#1228079).
- KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (git-fixes).
- KVM: x86: Bail from kvm_recalculate_phys_map() if x2APIC ID is out-of-bounds (git-fixes).
- KVM: x86: Disable APIC logical map if logical ID covers multiple MDAs (git-fixes).
- KVM: x86: Disable APIC logical map if vCPUs are aliased in logical mode (git-fixes).
- KVM: x86: Do not advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (git-fixes).
- KVM: x86: Explicitly skip optimized logical map setup if vCPU's LDR==0 (git-fixes).
- KVM: x86: Explicitly track all possibilities for APIC map's logical modes (git-fixes).
- KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).
- KVM: x86: Fix KVM_GET_MSRS stack info leak (git-fixes).
- KVM: x86: Honor architectural behavior for aliased 8-bit APIC IDs (git-fixes).
- KVM: x86: Purge 'highest ISR' cache when updating APICv state (git-fixes).
- KVM: x86: Save/restore all NMIs when multiple NMIs are pending (git-fixes).
- KVM: x86: Skip redundant x2APIC logical mode optimized cluster setup (git-fixes).
- leds: ss4200: Convert PCIBIOS_* return codes to errnos (git-fixes).
- leds: triggers: Flush pending brightness before activating trigger (git-fixes).
- leds: trigger: Unregister sysfs attributes before calling deactivate() (git-fixes).
- libceph: fix race between delayed_work() and ceph_monc_stop() (bsc#1228190).
- lib: objagg: Fix general protection fault (git-fixes).
- lib: objagg: Fix spelling (git-fixes).
- lib: test_objagg: Fix spelling (git-fixes).
- lockd: set missing fl_flags field when retrieving args (git-fixes).
- lockd: use locks_inode_context helper (git-fixes).
- Make AMD_HSMP=m and mark it unsupported in supported.conf (jsc#PED-8582)
- media: dvb: as102-fe: Fix as10x_register_addr packing (stable-fixes).
- media: dvbdev: Initialize sbuf (stable-fixes).
- media: dvb-frontends: tda10048: Fix integer overflow (stable-fixes).
- media: dvb-frontends: tda18271c2dd: Remove casting during div (stable-fixes).
- media: dvb-usb: dib0700_devices: Add missing release_firmware() (stable-fixes).
- media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (git-fixes).
- media: dw2102: Do not translate i2c read into write (stable-fixes).
- media: dw2102: fix a potential buffer overflow (git-fixes).
- media: imon: Fix race getting ictx->lock (git-fixes).
- media: s2255: Use refcount_t instead of atomic_t for num_channels (stable-fixes).
- media: uvcvideo: Fix integer overflow calculating timestamp (git-fixes).
- media: uvcvideo: Override default flags (git-fixes).
- media: venus: fix use after free in vdec_close (git-fixes).
- media: venus: flush all buffers in output plane streamoff (git-fixes).
- mei: demote client disconnect warning on suspend to debug (stable-fixes).
- mfd: omap-usb-tll: Use struct_size to allocate tll (git-fixes).
- mtd: partitions: redboot: Added conversion of operands to a larger type (stable-fixes).
- net/dcb: check for detached device before executing callbacks (bsc#1215587).
- netfilter: conntrack: ignore overly delayed tcp packets (bsc#1223180).
- netfilter: conntrack: prepare tcp_in_window for ternary return value (bsc#1223180).
- netfilter: conntrack: remove pr_debug callsites from tcp tracker (bsc#1223180).
- netfilter: conntrack: work around exceeded receive window (bsc#1223180).
- netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (bsc#1228459 bsc#1228462).
- net: mana: Fix possible double free in error handling path (git-fixes).
- net: mana: Fix the extra HZ in mana_hwc_send_request (git-fixes).
- net: usb: qmi_wwan: add Telit FN912 compositions (git-fixes).
- net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git-fixes).
- nfc/nci: Add the inconsistency check between the input data length and count (stable-fixes).
- NFSD: Add an nfsd_file_fsync tracepoint (git-fixes).
- NFSD: Add an NFSD_FILE_GC flag to enable nfsd_file garbage collection (git-fixes).
- nfsd: Add errno mapping for EREMOTEIO (git-fixes).
- NFSD: Add nfsd_file_lru_dispose_list() helper (git-fixes).
- nfsd: add some comments to nfsd_file_do_acquire (git-fixes).
- nfsd: allow nfsd_file_get to sanely handle a NULL pointer (git-fixes).
- nfsd: allow reaping files still under writeback (git-fixes).
- NFSD: Avoid calling fh_drop_write() twice in do_nfsd_create() (git-fixes).
- NFSD: Clean up nfsd3_proc_create() (git-fixes).
- nfsd: Clean up nfsd_file_put() (git-fixes).
- NFSD: Clean up nfsd_open_verified() (git-fixes).
- NFSD: Clean up unused code after rhashtable conversion (git-fixes).
- NFSD: Convert filecache to rhltable (git-fixes).
- NFSD: Convert the filecache to use rhashtable (git-fixes).
- NFSD: De-duplicate hash bucket indexing (git-fixes).
- nfsd: do not free files unconditionally in __nfsd_file_cache_purge (git-fixes).
- nfsd: do not fsync nfsd_files on last close (git-fixes).
- nfsd: do not hand out delegation on setuid files being opened for write (git-fixes).
- nfsd: do not kill nfsd_files because of lease break error (git-fixes).
- nfsd: Do not leave work of closing files to a work queue (bsc#1228140).
- nfsd: do not take/put an extra reference when putting a file (git-fixes).
- NFSD enforce filehandle check for source file in COPY (git-fixes).
- NFSD: Ensure nf_inode is never dereferenced (git-fixes).
- nfsd: fix handling of cached open files in nfsd4_open codepath (git-fixes).
- NFSD: Fix licensing header in filecache.c (git-fixes).
- nfsd: fix net-namespace logic in __nfsd_file_cache_purge (git-fixes).
- nfsd: fix nfsd_file_unhash_and_dispose (git-fixes).
- NFSD: Fix potential use-after-free in nfsd_file_put() (git-fixes).
- NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop (git-fixes).
- NFSD: Fix the filecache LRU shrinker (git-fixes).
- nfsd: fix up the filecache laundrette scheduling (git-fixes).
- nfsd: fix use-after-free in nfsd_file_do_acquire tracepoint (git-fixes).
- NFSD: Flesh out a documenting comment for filecache.c (git-fixes).
- NFSD: handle errors better in write_ports_addfd() (git-fixes).
- NFSD: Instantiate a struct file when creating a regular NFSv4 file (git-fixes).
- NFSD: Leave open files out of the filecache LRU (git-fixes).
- nfsd: map EBADF (git-fixes).
- NFSD: Move nfsd_file_trace_alloc() tracepoint (git-fixes).
- NFSD: nfsd_file_hash_remove can compute hashval (git-fixes).
- nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries (git-fixes).
- NFSD: nfsd_file_put() can sleep (git-fixes).
- NFSD: nfsd_file_unhash can compute hashval from nf->nf_inode (git-fixes).
- NFSD: No longer record nf_hashval in the trace log (git-fixes).
- NFSD: Pass the target nfsd_file to nfsd_commit() (git-fixes).
- nfsd: put the export reference in nfsd4_verify_deleg_dentry (git-fixes).
- NFSD: Record number of flush calls (git-fixes).
- NFSD: Refactor nfsd_create_setattr() (git-fixes).
- NFSD: Refactor __nfsd_file_close_inode() (git-fixes).
- NFSD: Refactor nfsd_file_gc() (git-fixes).
- NFSD: Refactor nfsd_file_lru_scan() (git-fixes).
- NFSD: Refactor NFSv3 CREATE (git-fixes).
- NFSD: Refactor NFSv4 OPEN(CREATE) (git-fixes).
- NFSD: Remove do_nfsd_create() (git-fixes).
- NFSD: Remove lockdep assertion from unhash_and_release_locked() (git-fixes).
- NFSD: Remove nfsd_file::nf_hashval (git-fixes).
- nfsd: remove the pages_flushed statistic from filecache (git-fixes).
- nfsd: reorganize filecache.c (git-fixes).
- NFSD: Replace the 'init once' mechanism (git-fixes).
- NFSD: Report average age of filecache items (git-fixes).
- NFSD: Report count of calls to nfsd_file_acquire() (git-fixes).
- NFSD: Report count of freed filecache items (git-fixes).
- NFSD: Report filecache LRU size (git-fixes).
- NFSD: Report the number of items evicted by the LRU walk (git-fixes).
- nfsd: Retry once in nfsd_open on an -EOPENSTALE return (git-fixes).
- nfsd: rework hashtable handling in nfsd_do_file_acquire (git-fixes).
- nfsd: rework refcounting in filecache (git-fixes).
- NFSD: Separate tracepoints for acquire and create (git-fixes).
- NFSD: Set up an rhashtable for the filecache (git-fixes).
- nfsd: silence extraneous printk on nfsd.ko insertion (git-fixes).
- NFSD: simplify per-net file cache management (git-fixes).
- nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator (git-fixes).
- nfsd: simplify the delayed disposal list code (git-fixes).
- NFSD: Trace filecache LRU activity (git-fixes).
- NFSD: Trace filecache opens (git-fixes).
- NFSD: verify the opened dentry after setting a delegation (git-fixes).
- NFSD: WARN when freeing an item still linked via nf_lru (git-fixes).
- NFSD: Write verifier might go backwards (git-fixes).
- NFSD: Zero counters when the filecache is re-initialized (git-fixes).
- NFS: Fix READ_PLUS when server does not support OP_READ_PLUS (git-fixes).
- nfs: fix undefined behavior in nfs_block_bits() (git-fixes).
- nfs: keep server info for remounts (git-fixes).
- nfs: Leave pages in the pagecache if readpage failed (git-fixes).
- NFSv4: Fixup smatch warning for ambiguous return (git-fixes).
- NFSv4.x: by default serialize open/close operations (bsc#1223863 bsc#1227362)
- nilfs2: add missing check for inode numbers on directory entries (git-fixes).
- nilfs2: add missing check for inode numbers on directory entries (stable-fixes).
- nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (git-fixes).
- nilfs2: convert persistent object allocator to use kmap_local (git-fixes).
- nilfs2: fix incorrect inode allocation from reserved inodes (git-fixes).
- nilfs2: fix inode number range checks (git-fixes).
- nilfs2: fix inode number range checks (stable-fixes).
- nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset (git-fixes).
- nvme-auth: alloc nvme_dhchap_key as single buffer (git-fixes).
- nvme-auth: allow mixing of secret and hash lengths (git-fixes).
- nvme-auth: use transformed key size to create resp (git-fixes).
- nvme: avoid double free special payload (git-fixes).
- nvme: fixup comment for nvme RDMA Provider Type (git-fixes).
- nvme-multipath: find NUMA path only for online numa-node (git-fixes).
- nvme-pci: add missing condition check for existence of mapped data (git-fixes).
- nvme-pci: Fix the instructions for disabling power management (git-fixes).
- nvmet: always initialize cqe.result (git-fixes).
- nvmet-auth: fix nvmet_auth hash error handling (git-fixes).
- nvmet: fix a possible leak when destroy a ctrl during qp establishment (git-fixes).
- nvme: use ctrl state accessor (bsc#1215492).
- ocfs2: fix DIO failure due to insufficient transaction credits (bsc#1216834).
- ocfs2: remove redundant assignment to variable free_space (bsc#1228409).
- ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410).
- orangefs: fix out-of-bounds fsid access (git-fixes).
- PCI: Add PCI_ERROR_RESPONSE and related definitions (stable-fixes).
- PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal (git-fixes).
- PCI: Extend ACS configurability (bsc#1228090).
- PCI: Fix resource double counting on remove & rescan (git-fixes).
- PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git-fixes).
- PCI: Introduce cleanup helpers for device reference counts and locks (git-fixes).
- PCI: Introduce cleanup helpers for device reference counts and locks (stable-fixes).
- PCI: keystone: Do not enable BAR 0 for AM654x (git-fixes).
- PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() (git- fixes).
- PCI: keystone: Relocate ks_pcie_set/clear_dbi_mode() (git-fixes).
- PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (git-fixes).
- PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (stable-fixes).
- PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (git-fixes).
- PCI: tegra194: Set EP alignment restriction for inbound ATU (git-fixes).
- pinctrl: core: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- pinctrl: freescale: mxs: Fix refcount of child (git-fixes).
- pinctrl: single: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- pinctrl: ti: ti-iodelay: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- platform/chrome: cros_ec_debugfs: fix wrong EC message version (git-fixes).
- platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
- platform/x86: dell-smbios-base: Use sysfs_emit() (stable-fixes).
- platform/x86: dell-smbios: Fix wrong token data in sysfs (git-fixes).
- platform/x86: lg-laptop: Change ACPI device id (stable-fixes).
- platform/x86: lg-laptop: Remove LGEX0815 hotkey handling (stable-fixes).
- platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6' tablet (stable-fixes).
- platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro (stable-fixes).
- platform/x86: wireless-hotkey: Add support for LG Airplane Button (stable-fixes).
- powerpc/cpuidle: Set CPUIDLE_FLAG_POLLING for snooze state (bsc#1227121 ltc#207129).
- powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (bsc#1194869).
- powerpc/kasan: Disable address sanitization in kexec paths (bsc#1194869).
- powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).
- powerpc/rtas: clean up includes (bsc#1227487).
- powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
- power: supply: cros_usbpd: provide ID table for avoiding fallback match (stable-fixes).
- pwm: stm32: Always do lazy disabling (git-fixes).
- RDMA/cache: Release GID table even if leak is detected (git-fixes)
- RDMA/device: Return error earlier if port in not valid (git-fixes)
- RDMA/hns: Check atomic wr length (git-fixes)
- RDMA/hns: Fix insufficient extend DB for VFs. (git-fixes)
- RDMA/hns: Fix mbx timing out before CMD execution is completed (git-fixes)
- RDMA/hns: Fix missing pagesize and alignment check in FRMR (git-fixes)
- RDMA/hns: Fix shift-out-bounds when max_inline_data is 0 (git-fixes)
- RDMA/hns: Fix soft lockup under heavy CEQE load (git-fixes)
- RDMA/hns: Fix undifined behavior caused by invalid max_sge (git-fixes)
- RDMA/hns: Fix unmatch exception handling when init eq table fails (git-fixes)
- RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes)
- RDMA/mana_ib: Ignore optional access flags for MRs (git-fixes).
- RDMA/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes)
- RDMA/mlx4: Fix truncated output warning in mad.c (git-fixes)
- RDMA/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes)
- RDMA/restrack: Fix potential invalid address access (git-fixes)
- RDMA/rxe: Do not set BTH_ACK_MASK for UC or UD QPs (git-fixes)
- regmap-i2c: Subtract reg size from max_write (stable-fixes).
- Revert 'ALSA: firewire-lib: obsolete workqueue for period update' (bsc#1208783).
- Revert 'ALSA: firewire-lib: operate for period elapse event in process context' (bsc#1208783).
- Revert 'leds: led-core: Fix refcount leak in of_led_get()' (git-fixes).
- Revert 'usb: musb: da8xx: Set phy in OTG mode by default' (stable-fixes).
- rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (git-fixes).
- rpm/guards: fix precedence issue with control flow operator With perl 5.40 it report the following error on rpm/guards script: Possible precedence issue with control flow operator (exit) at scripts/guards line 208. Fix the issue by adding parenthesis around ternary operator.
- rtc: cmos: Fix return value of nvmem callbacks (git-fixes).
- rtc: interface: Add RTC offset to alarm after fix-up (git-fixes).
- rtc: isl1208: Fix return value of nvmem callbacks (git-fixes).
- rtlwifi: rtl8192de: Style clean-ups (stable-fixes).
- s390: Implement __iowrite32_copy() (bsc#1226502)
- s390: Stop using weak symbols for __iowrite64_copy() (bsc#1226502)
- saa7134: Unchecked i2c_transfer function result fixed (git-fixes).
- sched/fair: Do not balance task to its current running CPU (git fixes (sched)).
- sched: Fix stop_one_cpu_nowait() vs hotplug (git fixes (sched)).
- scsi: lpfc: Allow DEVICE_RECOVERY mode after RSCN receipt if in PRLI_ISSUE state (bsc#1228857).
- scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is inactive (bsc#1228857).
- scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (bsc#1228857).
- scsi: lpfc: Fix incorrect request len mbox field when setting trunking via sysfs (bsc#1228857).
- scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (bsc#1228857).
- scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857).
- scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages (bsc#1228857).
- scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857).
- scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850).
- scsi: qla2xxx: Complete command early within lock (bsc#1228850).
- scsi: qla2xxx: Convert comma to semicolon (bsc#1228850).
- scsi: qla2xxx: Drop driver owner assignment (bsc#1228850).
- scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850).
- scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850).
- scsi: qla2xxx: Fix flash read failure (bsc#1228850).
- scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850).
- scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850).
- scsi: qla2xxx: Indent help text (bsc#1228850).
- scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850).
- scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850).
- scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850).
- scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850).
- scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850).
- scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850).
- scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850).
- selftests/bpf: Add a selftest for checking subreg equality (bsc#1225903).
- selftests/bpf: add pre bpf_prog_test_run_opts() callback for test_loader (bsc#1225903).
- selftests/bpf: add precision propagation tests in the presence of subprogs (bsc#1225903).
- selftests/bpf: Add pruning test case for bpf_spin_lock (bsc#1225903).
- selftests/bpf: Check if mark_chain_precision() follows scalar ids (bsc#1225903).
- selftests/bpf: check if max number of bpf_loop iterations is tracked (bsc#1225903).
- selftests/bpf: fix __retval() being always ignored (bsc#1225903).
- selftests/bpf: fix unpriv_disabled check in test_verifier (bsc#1225903).
- selftests/bpf: __imm_insn & __imm_const macro for bpf_misc.h (bsc#1225903).
- selftests/bpf: make test_align selftest more robust (bsc#1225903).
- selftests/bpf: populate map_array_ro map for verifier_array_access test (bsc#1225903).
- selftests/bpf: prog_tests entry point for migrated test_verifier tests (bsc#1225903).
- selftests/bpf: Report program name on parse_test_spec error (bsc#1225903).
- selftests/bpf: Support custom per-test flags and multiple expected messages (bsc#1225903).
- selftests/bpf: test case for callback_depth states pruning logic (bsc#1225903).
- selftests/bpf: test case for relaxed prunning of active_lock.id (bsc#1225903).
- selftests/bpf: test cases for regsafe() bug skipping check_id() (bsc#1225903).
- selftests/bpf: Tests execution support for test_loader.c (bsc#1225903).
- selftests/bpf: tests for iterating callbacks (bsc#1225903).
- selftests/bpf: test widening for iterating callbacks (bsc#1225903).
- selftests/bpf: track string payload offset as scalar in strobemeta (bsc#1225903).
- selftests/bpf: Unprivileged tests for test_loader.c (bsc#1225903).
- selftests/bpf: Verify copy_register_state() preserves parent/live fields (bsc#1225903).
- selftests/bpf: verify states_equal() maintains idmap across all frames (bsc#1225903).
- selftests/bpf: Verify that check_ids() is used for scalars in regsafe() (bsc#1225903).
- selftests/sigaltstack: Fix ppc64 GCC build (git-fixes).
- soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (stable-fixes).
- spi: imx: Do not expect DMA for i.MX{25,35,50,51,53} cspi devices (stable-fixes).
- spi: mux: set ctlr->bits_per_word_mask (stable-fixes).
- string.h: Introduce memtostr() and memtostr_pad() (bsc#1228850).
- SUNRPC: avoid soft lockup when transmitting UDP to reachable server (bsc#1225272).
- SUNRPC: Fix gss_free_in_token_pages() (git-fixes).
- SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes).
- sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
- SUNRPC: return proper error from gss_wrap_req_priv (git-fixes).
- supported.conf:
- tpm: Allow system suspend to continue when TPM suspend fails (bsc#1082555).
- tpm: Prevent hwrng from activating during resume (bsc#1082555).
- tpm_tis: Resend command to recover from data transfer errors (bsc#1082555).
- tpm_tis: Use tpm_chip_{start,stop} decoration inside tpm_tis_resume (bsc#1082555).
- tpm, tpm: Implement usage counter for locality (bsc#1082555).
- tpm, tpm_tis: Avoid cache incoherency in test for interrupts (bsc#1082555).
- tpm, tpm_tis: Claim locality before writing interrupt registers (bsc#1082555).
- tpm, tpm_tis: Claim locality in interrupt handler (bsc#1082555).
- tpm, tpm_tis: Claim locality when interrupts are reenabled on resume (bsc#1082555).
- tpm, tpm_tis: correct tpm_tis_flags enumeration values (bsc#1082555).
- tpm, tpm_tis: Do not skip reset of original interrupt vector (bsc#1082555).
- tpm, tpm_tis: Only handle supported interrupts (bsc#1082555).
- tracing: Build event generation tests only as modules (git-fixes).
- tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset() (git-fixes).
- tracing/osnoise: Add osnoise/options file (bsc#1228330)
- tracing/osnoise: Add OSNOISE_WORKLOAD option (bsc#1228330)
- tracing/osnoise: Do not follow tracing_cpumask (bsc#1228330)
- tracing/osnoise: Fix notify new tracing_max_latency (bsc#1228330)
- tracing/osnoise: Make osnoise_instances static (bsc#1228330)
- tracing/osnoise: Split workload start from the tracer start (bsc#1228330)
- tracing/osnoise: Support a list of trace_array *tr (bsc#1228330)
- tracing/osnoise: Use built-in RCU list checking (bsc#1228330)
- tracing/timerlat: Notify new max thread latency (bsc#1228330)
- USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (stable-fixes).
- usb: cdns3: allocate TX FIFO size according to composite EP number (git-fixes).
- usb: cdns3: fix incorrect calculation of ep_buf_size when more than one config (git-fixes).
- usb: cdns3: fix iso transfer error when mult is not zero (git-fixes).
- usb: cdns3: improve handling of unaligned address case (git-fixes).
- usb: cdns3: optimize OUT transfer by copying only actual received data (git-fixes).
- usb: cdns3: skip set TRB_IOC when usb_request: no_interrupt is true (git-fixes).
- USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (git-fixes).
- usb: dwc3: gadget: Do not delay End Transfer on delayed_status (git-fixes).
- usb: dwc3: gadget: Force sending delayed status during soft disconnect (git-fixes).
- usb: dwc3: gadget: Synchronize IRQ between soft connect/disconnect (git-fixes).
- usb: gadget: call usb_gadget_check_config() to verify UDC capability (git-fixes).
- usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (stable-fixes).
- usb: gadget: printer: SS+ support (stable-fixes).
- usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (stable-fixes).
- USB: serial: mos7840: fix crash on resume (git-fixes).
- USB: serial: option: add Fibocom FM350-GL (stable-fixes).
- USB: serial: option: add Netprisma LCUK54 series modules (stable-fixes).
- USB: serial: option: add Rolling RW350-GL variants (stable-fixes).
- USB: serial: option: add support for Foxconn T99W651 (stable-fixes).
- USB: serial: option: add Telit FN912 rmnet compositions (stable-fixes).
- USB: serial: option: add Telit generic core-dump composition (stable-fixes).
- usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).
- usb: xhci-plat: Do not include xhci.h (git-fixes).
- USB: xhci-plat: fix legacy PHY double init (git-fixes).
- wifi: ath11k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).
- wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (git-fixes).
- wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (git-fixes).
- wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (git-fixes).
- wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (git-fixes).
- wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (stable-fixes).
- wifi: iwlwifi: mvm: d3: fix WoWLAN command version lookup (stable-fixes).
- wifi: iwlwifi: mvm: Handle BIGTK cipher in kek_kck cmd (stable-fixes).
- wifi: iwlwifi: mvm: properly set 6 GHz channel direct probe option (stable-fixes).
- wifi: mac80211: disable softirqs for queued frame handling (git-fixes).
- wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (stable-fixes).
- wifi: mac80211: handle tasklet frames before stopping (stable-fixes).
- wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (stable-fixes).
- wifi: mt76: replace skb_put with skb_put_zero (stable-fixes).
- wifi: mwifiex: Fix interface type change (git-fixes).
- wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (git-fixes).
- wifi: wilc1000: fix ies_len type in connect path (git-fixes).
- workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454).
- workqueue: wq_watchdog_touch is always called with valid CPU (bsc#1193454).
- x86/amd_nb: Use Family 19h Models 60h-7Fh Function 4 IDs (git-fixes).
- x86/apic: Force native_apic_mem_read() to use the MOV instruction (git-fixes).
- x86/bhi: Avoid warning in #DB handler due to BHI mitigation (git-fixes).
- x86/bugs: Remove default case for fully switched enums (bsc#1227900).
- x86/fpu: Fix AMD X86_BUG_FXSAVE_LEAK fixup (git-fixes).
- x86/ibt,ftrace: Search for __fentry__ location (git-fixes).
- x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 (git-fixes).
- x86/mm: Allow guest.enc_status_change_prepare() to fail (git-fixes).
- x86/mm: Fix enc_status_change_finish_noop() (git-fixes).
- x86/purgatory: Switch to the position-independent small code model (git-fixes).
- x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block (bsc#1227900).
- x86/srso: Remove 'pred_cmd' label (bsc#1227900).
- x86: Stop using weak symbols for __iowrite32_copy() (bsc#1226502)
- x86/tdx: Fix race between set_memory_encrypted() and load_unaligned_zeropad() (git-fixes).
- xfs: Add cond_resched to block unmap range and reflink remap path (bsc#1228226).
- xhci: Apply broken streams quirk to Etron EJ188 xHCI host (stable-fixes).
- xhci: Apply reset resume quirk to Etron EJ188 xHCI host (stable-fixes).
- xhci: Set correct transferred length for cancelled bulk transfers (stable-fixes).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 205493

File Name: suse_SU-2024-2894-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 8/14/2024

Updated: 8/14/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-42224

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150500_13_64-rt

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/13/2024

Vulnerability Publication Date: 3/7/2022

Reference Information

CVE: CVE-2021-47086, CVE-2021-47103, CVE-2021-47186, CVE-2021-47402, CVE-2021-47546, CVE-2021-47547, CVE-2021-47588, CVE-2021-47590, CVE-2021-47591, CVE-2021-47593, CVE-2021-47598, CVE-2021-47599, CVE-2021-47606, CVE-2021-47622, CVE-2021-47623, CVE-2021-47624, CVE-2022-48713, CVE-2022-48730, CVE-2022-48732, CVE-2022-48749, CVE-2022-48756, CVE-2022-48773, CVE-2022-48774, CVE-2022-48775, CVE-2022-48776, CVE-2022-48777, CVE-2022-48778, CVE-2022-48780, CVE-2022-48783, CVE-2022-48784, CVE-2022-48785, CVE-2022-48786, CVE-2022-48787, CVE-2022-48788, CVE-2022-48789, CVE-2022-48790, CVE-2022-48791, CVE-2022-48792, CVE-2022-48793, CVE-2022-48794, CVE-2022-48796, CVE-2022-48797, CVE-2022-48798, CVE-2022-48799, CVE-2022-48800, CVE-2022-48801, CVE-2022-48802, CVE-2022-48803, CVE-2022-48804, CVE-2022-48805, CVE-2022-48806, CVE-2022-48807, CVE-2022-48809, CVE-2022-48810, CVE-2022-48811, CVE-2022-48812, CVE-2022-48813, CVE-2022-48814, CVE-2022-48815, CVE-2022-48816, CVE-2022-48817, CVE-2022-48818, CVE-2022-48820, CVE-2022-48821, CVE-2022-48822, CVE-2022-48823, CVE-2022-48824, CVE-2022-48825, CVE-2022-48826, CVE-2022-48827, CVE-2022-48828, CVE-2022-48829, CVE-2022-48830, CVE-2022-48831, CVE-2022-48834, CVE-2022-48835, CVE-2022-48836, CVE-2022-48837, CVE-2022-48838, CVE-2022-48839, CVE-2022-48840, CVE-2022-48841, CVE-2022-48842, CVE-2022-48843, CVE-2022-48844, CVE-2022-48846, CVE-2022-48847, CVE-2022-48849, CVE-2022-48850, CVE-2022-48851, CVE-2022-48852, CVE-2022-48853, CVE-2022-48855, CVE-2022-48856, CVE-2022-48857, CVE-2022-48858, CVE-2022-48859, CVE-2022-48860, CVE-2022-48861, CVE-2022-48862, CVE-2022-48863, CVE-2022-48864, CVE-2022-48866, CVE-2023-1582, CVE-2023-37453, CVE-2023-52435, CVE-2023-52573, CVE-2023-52580, CVE-2023-52591, CVE-2023-52735, CVE-2023-52751, CVE-2023-52762, CVE-2023-52775, CVE-2023-52812, CVE-2023-52857, CVE-2023-52863, CVE-2023-52885, CVE-2023-52886, CVE-2024-25741, CVE-2024-26583, CVE-2024-26584, CVE-2024-26585, CVE-2024-26615, CVE-2024-26633, CVE-2024-26635, CVE-2024-26636, CVE-2024-26641, CVE-2024-26661, CVE-2024-26663, CVE-2024-26665, CVE-2024-26800, CVE-2024-26802, CVE-2024-26813, CVE-2024-26814, CVE-2024-26863, CVE-2024-26889, CVE-2024-26920, CVE-2024-26935, CVE-2024-26961, CVE-2024-26976, CVE-2024-27015, CVE-2024-27019, CVE-2024-27020, CVE-2024-27025, CVE-2024-27065, CVE-2024-27402, CVE-2024-27437, CVE-2024-35805, CVE-2024-35819, CVE-2024-35837, CVE-2024-35853, CVE-2024-35854, CVE-2024-35855, CVE-2024-35889, CVE-2024-35890, CVE-2024-35893, CVE-2024-35899, CVE-2024-35934, CVE-2024-35949, CVE-2024-35961, CVE-2024-35979, CVE-2024-35995, CVE-2024-36000, CVE-2024-36004, CVE-2024-36288, CVE-2024-36889, CVE-2024-36901, CVE-2024-36902, CVE-2024-36909, CVE-2024-36910, CVE-2024-36911, CVE-2024-36912, CVE-2024-36913, CVE-2024-36914, CVE-2024-36919, CVE-2024-36923, CVE-2024-36924, CVE-2024-36926, CVE-2024-36939, CVE-2024-36941, CVE-2024-36942, CVE-2024-36944, CVE-2024-36946, CVE-2024-36947, CVE-2024-36950, CVE-2024-36952, CVE-2024-36955, CVE-2024-36959, CVE-2024-36974, CVE-2024-38548, CVE-2024-38555, CVE-2024-38558, CVE-2024-38559, CVE-2024-38570, CVE-2024-38586, CVE-2024-38588, CVE-2024-38598, CVE-2024-38628, CVE-2024-39276, CVE-2024-39371, CVE-2024-39463, CVE-2024-39472, CVE-2024-39475, CVE-2024-39482, CVE-2024-39487, CVE-2024-39488, CVE-2024-39490, CVE-2024-39493, CVE-2024-39494, CVE-2024-39497, CVE-2024-39499, CVE-2024-39500, CVE-2024-39501, CVE-2024-39502, CVE-2024-39505, CVE-2024-39506, CVE-2024-39507, CVE-2024-39508, CVE-2024-39509, CVE-2024-40900, CVE-2024-40901, CVE-2024-40902, CVE-2024-40903, CVE-2024-40904, CVE-2024-40906, CVE-2024-40908, CVE-2024-40909, CVE-2024-40911, CVE-2024-40912, CVE-2024-40916, CVE-2024-40919, CVE-2024-40923, CVE-2024-40924, CVE-2024-40927, CVE-2024-40929, CVE-2024-40931, CVE-2024-40932, CVE-2024-40934, CVE-2024-40935, CVE-2024-40937, CVE-2024-40940, CVE-2024-40941, CVE-2024-40942, CVE-2024-40943, CVE-2024-40945, CVE-2024-40953, CVE-2024-40954, CVE-2024-40956, CVE-2024-40958, CVE-2024-40959, CVE-2024-40960, CVE-2024-40961, CVE-2024-40966, CVE-2024-40967, CVE-2024-40970, CVE-2024-40972, CVE-2024-40976, CVE-2024-40977, CVE-2024-40981, CVE-2024-40982, CVE-2024-40984, CVE-2024-40987, CVE-2024-40988, CVE-2024-40989, CVE-2024-40990, CVE-2024-40994, CVE-2024-40998, CVE-2024-40999, CVE-2024-41002, CVE-2024-41004, CVE-2024-41006, CVE-2024-41009, CVE-2024-41011, CVE-2024-41012, CVE-2024-41013, CVE-2024-41014, CVE-2024-41015, CVE-2024-41016, CVE-2024-41017, CVE-2024-41040, CVE-2024-41041, CVE-2024-41044, CVE-2024-41048, CVE-2024-41057, CVE-2024-41058, CVE-2024-41059, CVE-2024-41063, CVE-2024-41064, CVE-2024-41066, CVE-2024-41069, CVE-2024-41070, CVE-2024-41071, CVE-2024-41072, CVE-2024-41076, CVE-2024-41078, CVE-2024-41081, CVE-2024-41087, CVE-2024-41090, CVE-2024-41091, CVE-2024-42070, CVE-2024-42079, CVE-2024-42093, CVE-2024-42096, CVE-2024-42105, CVE-2024-42122, CVE-2024-42124, CVE-2024-42145, CVE-2024-42161, CVE-2024-42224, CVE-2024-42230

SuSE: SUSE-SU-2024:2894-1

Detections

Analytics