[SUSE-SU-2024:2901-1] Security update for the Linux Kernel
Severity
Important
CVEs
178
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
- CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633).
- CVE-2024-39506: liquidio: adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729).
- CVE-2021-47619: i40e: Fix queues reservation for XDP (bsc#1226645).
- CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743).
- CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705).
- CVE-2024-42223: media: dvb-frontends: tda10048: Fix integer overflow (bsc#1228726).
- CVE-2024-42119: drm/amd/display: Skip finding free audio for unknown engine_id (bsc#1228584).
- CVE-2024-42120: drm/amd/display: Check pipe offset before setting vblank (bsc#1228588).
- CVE-2024-41095: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (bsc#1228662).
- CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723).
- CVE-2024-41072: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (bsc#1228626).
- CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565).
- CVE-2024-40995: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
- CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530).
- CVE-2024-41066: ibmvnic: add tx check to prevent skb leak (bsc#1228640).
- CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680).
- CVE-2024-41089: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (bsc#1228658).
- CVE-2024-41060: drm/radeon: check bo_va->bo is non-NULL before using it (bsc#1228567).
- CVE-2022-48829: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes (bsc#1228055).
- CVE-2022-48828: NFSD: Fix ia_size underflow (bsc#1228054).
- CVE-2022-48827: NFSD: Fix the behavior of READ near OFFSET_MAX (bsc#1228037).
- CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655).
- CVE-2024-41071: wifi: mac80211: Avoid address calculations via out of bounds array indexing (bsc#1228625).
- CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599).
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700).
- CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617).
- CVE-2024-40978: scsi: qedi: Fix crash while reading debugfs attribute (bsc#1227929).
- CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228013).
- CVE-2022-48823: scsi: qedf: Fix refcount issue when LOGO is received during TMF (bsc#1228045).
- CVE-2024-41076: NFSv4: Fix memory leak in nfs4_set_security_label (bsc#1228649).
- CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (bsc#1227866).
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561).
- CVE-2024-40987: drm/amdgpu: fix UBSAN warning in kv_dpm.c (bsc#1228235).
- CVE-2022-48826: drm/vc4: Fix deadlock on DSI device attach error (bsc#1227975)
- CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625).
- CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409).
- CVE-2024-41016: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410).
- CVE-2024-41063: bluetooth: hci_core: cancel all works upon hci_unregister_dev() (bsc#1228580).
- CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470).
- CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581).
- CVE-2021-47405: HID: usbhid: free raw_report buffers in usbhid_stop (bsc#1225238).
- CVE-2024-40988: drm/radeon: fix UBSAN warning in kv_dpm.c (bsc#1227957).
- CVE-2024-40932: drm/exynos/vidi: fix memory leak in .get_modes() (bsc#1227828).
- CVE-2021-47403: ipack: ipoctal: fix module reference leak (bsc#1225241).
- CVE-2021-47388: mac80211: fix use-after-free in CCMP/GCMP RX (bsc#1225214).
- CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408).
- CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).
- CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
- CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).
- CVE-2024-35837: net: mvpp2: clear BM pool before initialization (bsc#1224500).
- CVE-2021-47588: sit: do not call ipip6_dev_free() from sit_init_net() (bsc#1226568).
- CVE-2022-48804: vt_ioctl: fix array_index_nospec in vt_setactivate (bsc#1227968).
- CVE-2024-40967: serial: imx: Introduce timeout when waiting on transmitter empty (bsc#1227891).
- CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).
- CVE-2022-48850: net-sysfs: add check for netdevice being present to speed_show (bsc#1228071).
- CVE-2021-47582: usb: core: Do not hold the device lock while sleeping in do_proc_control() (bsc#1226559).
- CVE-2024-40982: ssb: fix potential NULL pointer dereference in ssb_device_uevent() (bsc#1227865).
- CVE-2021-47468: isdn: mISDN: Fix sleeping function called from invalid context (bsc#1225346).
- CVE-2021-47395: mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap (bsc#1225326).
- CVE-2022-48810: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path (bsc#1227936).
- CVE-2023-52594: Fixed potential array-index-out-of-bounds read in ath9k_htc_txstatus() (bsc#1221045).
- CVE-2022-48855: sctp: fix kernel-infoleak for SCTP sockets (bsc#1228003).
- CVE-2021-47580: scsi: scsi_debug: Fix type in min_t to avoid stack OOB (bsc#1226550).
- CVE-2024-26735: ipv6: sr: fix possible use-after-free and null-ptr-deref (bsc#1222372).
- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
- CVE-2022-48811: ibmvnic: do not release napi in __ibmvnic_open() (bsc#1227928).
- CVE-2021-0129: Improper access control in BlueZ may have allowed an authenticated user to potentially enable information disclosure via adjacent access (bsc#1186463).
- CVE-2020-26558: Fixed a flaw in the Bluetooth LE and BR/EDR secure pairing that could permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (bsc#1179610).
- CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
- CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).
- CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).
- CVE-2024-40941: wifi: iwlwifi: mvm: do not read past the mfuart notifcation (bsc#1227771).
- CVE-2022-48860: ethernet: Fix error handling in xemaclite_of_probe (bsc#1228008).
- CVE-2022-48863: mISDN: Fix memory leak in dsp_pipeline_build() (bsc#1228063).
- CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806).
- CVE-2024-39499: vmci: prevent speculation leaks by sanitizing event in event_deliver() (bsc#1227725).
- CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573)
- CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641)
- CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884).
- CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)
- CVE-2021-47441: mlxsw: thermal: Fix out-of-bounds memory accesses (bsc#1225224)
- CVE-2021-47194: cfg80211: call cfg80211_stop_ap when switch from P2P_GO type (bsc#1222829).
- CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815)
- CVE-2022-48775: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj (bsc#1227924).
- CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813)
- CVE-2024-40929: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (bsc#1227774).
- CVE-2024-40912: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (bsc#1227790).
- CVE-2024-40942: wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (bsc#1227770).
- CVE-2022-48857: NFC: port100: fix use-after-free in port100_send_complete (bsc#1228005).
- CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719).
- CVE-2021-47606: net: netlink: af_netlink: Prevent empty skb by adding a check on len. (bsc#1226555).
- CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).
- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
- CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012).
- CVE-2021-47516: nfp: Fix memory leak in nfp_cpp_area_cache_add() (bsc#1225427).
- CVE-2021-47501: i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc (bsc#1225361).
- CVE-2024-39501: drivers: core: synchronize really_probe() and dev_uevent() (bsc#1227754).
- CVE-2023-52743: ice: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1225003)
- CVE-2021-47542: net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() (bsc#1225455).
- CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)
- CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545)
- CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)
- CVE-2021-47599: btrfs: use latest_dev in btrfs_show_devname (bsc#1226571).
- CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
- CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326).
- CVE-2021-47597: inet_diag: fix kernel-infoleak for UDP sockets (bsc#1226553).
- CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626).
- CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).
- CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).
- CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd number in pstore/ram (bsc#1221618).
- CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun events in xhci (bsc#1222317).
- CVE-2024-35978: Bluetooth: Fix memory leak in hci_req_sync_complete() (bsc#1224571).
- CVE-2023-52669: crypto: s390/aes - Fix buffer overread in CTR mode (bsc#1224637).
- CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614).
- CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp (bsc#1221616).
- CVE-2024-35995: ACPI: CPPC: Use access_width over bit_width for system memory accesses (bsc#1224557).
- CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060).
- CVE-2021-47295: net: sched: fix memory leak in tcindex_partial_destroy_work (bsc#1224975)
- CVE-2023-52693: ACPI: video: check for error while searching for backlight device parent (bsc#1224686).
- CVE-2023-52683: ACPI: LPIT: Avoid u32 multiplication overflow (bsc#1224627).
- CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420).
- CVE-2024-39475: fbdev: savage: Handle err return when savagefb_check_var failed (bsc#1227435)
- CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431).
- CVE-2024-36941: wifi: nl80211: do not free NULL coalescing rule (bsc#1225835).
- CVE-2021-47145: btrfs: do not BUG_ON in link_to_fixup_dir (bsc#1222005).
- CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505).
- CVE-2023-52817: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (bsc#1225569).
- CVE-2023-52819: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (bsc#1225532).
- CVE-2023-52818: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 (bsc#1225530).
- CVE-2023-52753: drm/amd/display: Avoid NULL dereference of timing generator (bsc#1225478).
- CVE-2024-36014: drm/arm/malidp: fix a possible null pointer dereference (bsc#1225593).
- CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
- CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
- CVE-2024-35828: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (bsc#1224622).
- CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
- CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
- CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
- CVE-2024-26880: dm: call the resume method on internal suspend (bsc#1223188).
- CVE-2021-47498: dm rq: do not queue request to blk-mq during DM suspend (bsc#1225357).
- CVE-2021-47275: bcache: avoid oversized read request in cache missing code path (bsc#1224965).
- CVE-2024-38619: usb-storage: alauda: Check whether the media is initialized (bsc#1226861).
- CVE-2021-47201: iavf: free q_vectors before queues in iavf_disable_vf (bsc#1222792).
- CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
- CVE-2024-38630: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (bsc#1226908).
- CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
- CVE-2021-47559: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() (bsc#1225396).
The following non-security bugs were fixed:
- Fix spurious WARNING caused by a qxl driver patch (bsc#1227213,bsc#1227191)
- KVM: PPC: Book3S HV: Do not take kvm->lock around kvm_for_each_vcpu (bsc#1065729).
- KVM: PPC: Book3S HV: remove extraneous asterisk from rm_host_ipi_action() comment (bsc#1065729).
- KVM: PPC: Book3S PR: Exiting split hack mode needs to fixup both PC and LR (bsc#1065729).
- KVM: PPC: Book3S: Fix some RCU-list locks (git-fixes).
- KVM: PPC: Book3S: Only report KVM_CAP_SPAPR_TCE_VFIO on powernv machines (bsc#1065729).
- KVM: PPC: Book3S: Use new mutex to synchronize access to rtas token list (bsc#1065729).
- KVM: PPC: Inform the userspace about TCE update failures (bsc#1065729).
- KVM: PPC: Move and undef TRACE_INCLUDE_PATH/FILE (bsc#1065729).
- PCI: Fix resource double counting on remove & rescan (git-fixes).
- PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git-fixes).
- PM: hibernate: x86: Use crc32 instead of md5 for hibernation e820 integrity check (git-fixes).
- SUNRPC: Fix gss_free_in_token_pages() (git-fixes).
- SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes).
- Tools: hv: kvp: eliminate 'may be used uninitialized' warning (git-fixes).
- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).
- btrfs: fix 64bit compat send ioctl arguments not initializing version member (bsc#1228030).
- btrfs: fix send ioctl on 32bit with 64bit kernel (bsc#1228030).
- btrfs: incremental send, fix emission of invalid clone operations (bsc#1228030).
- btrfs: remove unused members dir_path from recorded_ref (bsc#1228030).
- btrfs: send, improve clone range (bsc#1228030).
- btrfs: send: add new command FILEATTR for file attributes (bsc#1228030).
- btrfs: send: add stream v2 definitions (bsc#1228030).
- btrfs: send: always use the rbtree based inode ref management infrastructure (bsc#1228030).
- btrfs: send: avoid copying file data (bsc#1228030).
- btrfs: send: explicitly number commands and attributes (bsc#1228030).
- btrfs: send: fix failures when processing inodes with no links (bsc#1228030).
- btrfs: send: fix send failure of a subcase of orphan inodes (bsc#1228030).
- btrfs: send: fix sending link commands for existing file paths (bsc#1228030).
- btrfs: send: get rid of i_size logic in send_write() (bsc#1228030).
- btrfs: send: introduce recorded_ref_alloc and recorded_ref_free (bsc#1228030).
- btrfs: send: prepare for v2 protocol (bsc#1228030).
- btrfs: send: refactor arguments of get_inode_info() (bsc#1228030).
- btrfs: send: remove stale code when checking for shared extents (bsc#1228030).
- btrfs: send: remove unused found_type parameter to lookup_dir_item_inode() (bsc#1228030).
- btrfs: send: remove unused send_ctx::{total,cmd}_send_size (bsc#1228030).
- btrfs: send: use boolean types for current inode status (bsc#1228030).
- btrfs: silence maybe-uninitialized warning in clone_range (bsc#1228030).
- drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (git-fixes).
- drm/vc4: dsi: Only register our component once a DSI device is (bsc#1227975)
- hv_netvsc: rndis_filter needs to select NLS (git-fixes).
- ipv6: sr: fix incorrect unregister order (git-fixes).
- kgdb: Add kgdb_has_hit_break function (git-fixes).
- kgdb: Move the extern declaration kgdb_has_hit_break() to generic kgdb.h (git-fixes).
- net: hsr: fix placement of logical operator in a multi-line statement (bsc#1223021).
- net: mana: Fix the extra HZ in mana_hwc_send_request (git-fixes).
- net: mana: select PAGE_POOL (git-fixes).
- net_sched: add a temporary refcnt for struct tcindex_data (bsc#1224975).
- net_sched: fix a memory leak in cls_tcindex (bsc#1224975).
- net_sched: fix a missing refcnt in tcindex_init() (bsc#1224975).
- net_sched: hold rtnl lock in tcindex_partial_destroy_work() (bsc#1224975)
- nfs: Handle error of rpc_proc_register() in nfs_net_init() (git-fixes).
- nvme: fixup comment for nvme RDMA Provider Type (git-fixes).
- ocfs2: fix DIO failure due to insufficient transaction credits (bsc#1216834).
- ocfs2: remove redundant assignment to variable free_space (bsc#1228409).
- ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410).
- powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
- sched/deadline: Fix BUG_ON condition for deboosted tasks (bsc#1227407).
- scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850).
- scsi: qla2xxx: Complete command early within lock (bsc#1228850).
- scsi: qla2xxx: Convert comma to semicolon (bsc#1228850).
- scsi: qla2xxx: Drop driver owner assignment (bsc#1228850).
- scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850).
- scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850).
- scsi: qla2xxx: Fix flash read failure (bsc#1228850).
- scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850).
- scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850).
- scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850).
- scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850).
- scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850).
- scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850).
- scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850).
- scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850).
- scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850).
- signal: Introduce clear_siginfo (git-fixes).
- string.h: Introduce memtostr() and memtostr_pad() (bsc#1228850).
- sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
- tools lib: Fix builds when glibc contains strlcpy() (git-fixes).
- tools: hv: fix KVP and VSS daemons exit code (git-fixes).
- usb: add a hcd_uses_dma helper (git-fixes).
- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).
- usb: musb: da8xx: fix a resource leak in probe() (git-fixes).
- x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys (git-fixes).
- x86/bhi: Avoid warning in #DB handler due to BHI mitigation (git-fixes).
- x86/boot/e820: Fix typo in e820.c comment (git-fixes).
- x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes).
- x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes).
- x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (git-fixes).
- x86/fpu: Return proper error codes from user access functions (git-fixes).
- x86/ioremap: Fix page aligned size calculation in __ioremap_caller() (git-fixes).
- x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK (git-fixes).
- x86/kprobes: Fix optprobe optimization check with CONFIG_RETHUNK (git-fixes).
- x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes (git-fixes).
- x86/numa: Use cpumask_available instead of hardcoded NULL check (git-fixes).
- x86: __memcpy_flushcache: fix wrong alignment if size > 232 (git-fixes).
- xfs: check that dir block entries do not off the end of the buffer (git-fixes).
- xfs: refactor xfs_verifier_error and xfs_buf_ioerror (git-fixes).
- xfs: remove XFS_WANT_CORRUPTED_RETURN from dir3 data verifiers (git-fixes).
- xhci: Poll for U0 after disabling USB2 LPM (git-fixes).
- ID
- SUSE-SU-2024:2901-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2024/suse-su-20242901-1/
- Published
-
2024-08-14T07:24:46
(4 weeks ago) - Modified
-
2024-08-14T07:24:46
(4 weeks ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2022-1577
- ALAS-2023-1838
- ALAS-2024-1942
- ALAS2-2021-1685
- ALAS2-2022-1749
- ALAS2-2022-1761
- ALAS2-2022-1768
- ALAS2-2023-2264
- ALAS2-2024-2549
- ALAS2-2024-2581
- ALAS2-2024-2622
- ALSA-2021:4356
- ALSA-2022:7683
- ALSA-2022:8267
- ALSA-2023:0101
- ALSA-2023:0334
- ALSA-2024:3138
- ALSA-2024:3618
- ALSA-2024:4211
- ALSA-2024:5101
- ASB-A-174886838
- DSA-4951-1
- DSA-5658-1
- DSA-5680-1
- DSA-5681-1
- DSA-5703-1
- DSA-5730-1
- DSA-5731-1
- DSA-5747-1
- ELSA-2021-4356
- ELSA-2021-4432
- ELSA-2022-10065
- ELSA-2022-7683
- ELSA-2022-8267
- ELSA-2022-9088
- ELSA-2022-9852
- ELSA-2023-0101
- ELSA-2023-0334
- ELSA-2023-0399
- ELSA-2023-13043
- ELSA-2024-12151
- ELSA-2024-12153
- ELSA-2024-12154
- ELSA-2024-1248
- ELSA-2024-12546
- ELSA-2024-12547
- ELSA-2024-12548
- ELSA-2024-12549
- ELSA-2024-12551
- ELSA-2024-12552
- ELSA-2024-12570
- ELSA-2024-12571
- ELSA-2024-12581
- ELSA-2024-12582
- ELSA-2024-12583
- ELSA-2024-12584
- ELSA-2024-12585
- ELSA-2024-12606
- ELSA-2024-12610
- ELSA-2024-12611
- ELSA-2024-12612
- ELSA-2024-3138
- ELSA-2024-3618
- ELSA-2024-3619
- ELSA-2024-4211
- ELSA-2024-4928
- ELSA-2024-5101
- ELSA-2024-5363
- ELSA-2024-5928
- FEDORA-2021-a35b44fd9f
- FEDORA-2024-010fe8772a
- FEDORA-2024-873e2cb5f2
- FEDORA-2024-92664ae6fe
- FEDORA-2024-bc0db39a14
- FEDORA-2024-f35f9525d6
- GLSA-202209-16
- MS:CVE-2020-26558
- openSUSE-SU-2021:2184-1
- openSUSE-SU-2021:2202-1
- openSUSE-SU-2021:2291-1
- openSUSE-SU-2021:2427-1
- RHSA-2021:4140
- RHSA-2021:4356
- RHSA-2021:4432
- RHSA-2022:7444
- RHSA-2022:7683
- RHSA-2022:7933
- RHSA-2022:8267
- RHSA-2023:0101
- RHSA-2023:0114
- RHSA-2023:0123
- RHSA-2023:0300
- RHSA-2023:0334
- RHSA-2023:0348
- RHSA-2023:0399
- RHSA-2023:0400
- RHSA-2023:0404
- RHSA-2024:2950
- RHSA-2024:3138
- RHSA-2024:3618
- RHSA-2024:3627
- RHSA-2024:4211
- RHSA-2024:4352
- RHSA-2024:5101
- RHSA-2024:5102
- RHSA-2024:6242
- RLSA-2021:4356
- RLSA-2022:7683
- RLSA-2023:0101
- RLSA-2023:0334
- RLSA-2024:3138
- RLSA-2024:3618
- RLSA-2024:3619
- RLSA-2024:4211
- RLSA-2024:4928
- RLSA-2024:5101
- SSA:2021-202-01
- SSA:2023-325-01
- SSA:2024-157-01
- SUSE-SU-2021:2184-1
- SUSE-SU-2021:2202-1
- SUSE-SU-2021:2291-1
- SUSE-SU-2021:2303-1
- SUSE-SU-2021:2321-1
- SUSE-SU-2021:2324-1
- SUSE-SU-2021:2325-1
- SUSE-SU-2021:2349-1
- SUSE-SU-2021:2406-1
- SUSE-SU-2021:2421-1
- SUSE-SU-2021:2422-1
- SUSE-SU-2021:2426-1
- SUSE-SU-2021:2427-1
- SUSE-SU-2021:2451-1
- SUSE-SU-2022:1257-1
- SUSE-SU-2022:1651-1
- SUSE-SU-2022:1668-1
- SUSE-SU-2022:1669-1
- SUSE-SU-2022:1676-1
- SUSE-SU-2022:1686-1
- SUSE-SU-2022:1687-1
- SUSE-SU-2022:2111-1
- SUSE-SU-2022:3263-1
- SUSE-SU-2022:3264-1
- SUSE-SU-2022:3265-1
- SUSE-SU-2022:3274-1
- SUSE-SU-2022:3282-1
- SUSE-SU-2022:3288-1
- SUSE-SU-2022:3291-1
- SUSE-SU-2022:3293-1
- SUSE-SU-2022:3294-1
- SUSE-SU-2022:3408-1
- SUSE-SU-2022:3422-1
- SUSE-SU-2022:3450-1
- SUSE-SU-2022:3609-1
- SUSE-SU-2022:3687-1
- SUSE-SU-2022:3691-1
- SUSE-SU-2022:3809-1
- SUSE-SU-2022:3897-1
- SUSE-SU-2022:3929-1
- SUSE-SU-2022:3930-1
- SUSE-SU-2022:3998-1
- SUSE-SU-2022:4053-1
- SUSE-SU-2022:4072-1
- SUSE-SU-2022:4272-1
- SUSE-SU-2022:4273-1
- SUSE-SU-2022:4520-1
- SUSE-SU-2022:4528-1
- SUSE-SU-2022:4550-1
- SUSE-SU-2022:4561-1
- SUSE-SU-2022:4562-1
- SUSE-SU-2022:4573-1
- SUSE-SU-2022:4574-1
- SUSE-SU-2022:4587-1
- SUSE-SU-2022:4589-1
- SUSE-SU-2022:4595-1
- SUSE-SU-2022:4611-1
- SUSE-SU-2022:4614-1
- SUSE-SU-2022:4615-1
- SUSE-SU-2022:4617-1
- SUSE-SU-2023:0416-1
- SUSE-SU-2023:4730-1
- SUSE-SU-2023:4731-1
- SUSE-SU-2023:4732-1
- SUSE-SU-2023:4734-1
- SUSE-SU-2023:4782-1
- SUSE-SU-2023:4810-1
- SUSE-SU-2024:1320-1
- SUSE-SU-2024:1321-1
- SUSE-SU-2024:1322-1
- SUSE-SU-2024:1466-1
- SUSE-SU-2024:1480-1
- SUSE-SU-2024:1490-1
- SUSE-SU-2024:1641-1
- SUSE-SU-2024:1642-1
- SUSE-SU-2024:1644-1
- SUSE-SU-2024:1645-1
- SUSE-SU-2024:1647-1
- SUSE-SU-2024:1650-1
- SUSE-SU-2024:1659-1
- SUSE-SU-2024:1663-1
- SUSE-SU-2024:1979-1
- SUSE-SU-2024:1983-1
- SUSE-SU-2024:2008-1
- SUSE-SU-2024:2010-1
- SUSE-SU-2024:2011-1
- SUSE-SU-2024:2019-1
- SUSE-SU-2024:2135-1
- SUSE-SU-2024:2183-1
- SUSE-SU-2024:2184-1
- SUSE-SU-2024:2185-1
- SUSE-SU-2024:2189-1
- SUSE-SU-2024:2190-1
- SUSE-SU-2024:2203-1
- SUSE-SU-2024:2360-1
- SUSE-SU-2024:2362-1
- SUSE-SU-2024:2365-1
- SUSE-SU-2024:2372-1
- SUSE-SU-2024:2381-1
- SUSE-SU-2024:2384-1
- SUSE-SU-2024:2385-1
- SUSE-SU-2024:2394-1
- SUSE-SU-2024:2493-1
- SUSE-SU-2024:2495-1
- SUSE-SU-2024:2561-1
- SUSE-SU-2024:2571-1
- SUSE-SU-2024:2802-1
- SUSE-SU-2024:2892-1
- SUSE-SU-2024:2893-1
- SUSE-SU-2024:2894-1
- SUSE-SU-2024:2895-1
- SUSE-SU-2024:2896-1
- SUSE-SU-2024:2902-1
- SUSE-SU-2024:2923-1
- SUSE-SU-2024:2929-1
- SUSE-SU-2024:2939-1
- SUSE-SU-2024:2940-1
- SUSE-SU-2024:2947-1
- SUSE-SU-2024:2948-1
- SUSE-SU-2024:2973-1
- SUSE-SU-2024:3189-1
- SUSE-SU-2024:3190-1
- SUSE-SU-2024:3194-1
- SUSE-SU-2024:3195-1
- SUSE-SU-2024:3209-1
- SUSE-SU-2024:3225-1
- USN-4989-1
- USN-4989-2
- USN-5017-1
- USN-5018-1
- USN-5046-1
- USN-5050-1
- USN-5299-1
- USN-5343-1
- USN-5580-1
- USN-5650-1
- USN-6444-1
- USN-6444-2
- USN-6445-1
- USN-6445-2
- USN-6446-1
- USN-6446-2
- USN-6446-3
- USN-6461-1
- USN-6466-1
- USN-6503-1
- USN-6537-1
- USN-6572-1
- USN-6681-1
- USN-6681-2
- USN-6681-3
- USN-6681-4
- USN-6688-1
- USN-6716-1
- USN-6724-1
- USN-6724-2
- USN-6725-1
- USN-6725-2
- USN-6726-1
- USN-6726-2
- USN-6726-3
- USN-6765-1
- USN-6766-1
- USN-6766-2
- USN-6766-3
- USN-6767-1
- USN-6767-2
- USN-6774-1
- USN-6777-1
- USN-6777-2
- USN-6777-3
- USN-6777-4
- USN-6778-1
- USN-6795-1
- USN-6816-1
- USN-6817-1
- USN-6817-2
- USN-6817-3
- USN-6818-1
- USN-6818-2
- USN-6818-3
- USN-6818-4
- USN-6819-1
- USN-6819-2
- USN-6819-3
- USN-6819-4
- USN-6820-1
- USN-6820-2
- USN-6821-1
- USN-6821-2
- USN-6821-3
- USN-6821-4
- USN-6828-1
- USN-6831-1
- USN-6863-1
- USN-6864-1
- USN-6864-2
- USN-6864-3
- USN-6865-1
- USN-6866-1
- USN-6866-2
- USN-6866-3
- USN-6867-1
- USN-6869-1
- USN-6870-1
- USN-6870-2
- USN-6871-1
- USN-6872-1
- USN-6872-2
- USN-6873-1
- USN-6873-2
- USN-6874-1
- USN-6875-1
- USN-6878-1
- USN-6892-1
- USN-6893-1
- USN-6893-2
- USN-6893-3
- USN-6895-1
- USN-6895-2
- USN-6895-3
- USN-6895-4
- USN-6896-1
- USN-6896-2
- USN-6896-3
- USN-6896-4
- USN-6896-5
- USN-6898-1
- USN-6898-2
- USN-6898-3
- USN-6898-4
- USN-6900-1
- USN-6917-1
- USN-6918-1
- USN-6919-1
- USN-6926-1
- USN-6926-2
- USN-6926-3
- USN-6927-1
- USN-6938-1
- USN-6949-1
- USN-6949-2
- USN-6950-1
- USN-6950-2
- USN-6950-3
- USN-6950-4
- USN-6951-1
- USN-6951-2
- USN-6951-3
- USN-6951-4
- USN-6952-1
- USN-6952-2
- USN-6953-1
- USN-6955-1
- USN-6956-1
- USN-6957-1
- USN-6972-1
- USN-6972-2
- USN-6972-3
- USN-6972-4
- USN-6973-1
- USN-6973-2
- USN-6973-3
- USN-6973-4
- USN-6974-1
- USN-6974-2
- USN-6976-1
- USN-6979-1
- USN-6999-1
- USN-7003-1
- USN-7003-2
- USN-7003-3
- USN-7004-1
- USN-7005-1
- USN-7005-2
- USN-7006-1
- USN-7007-1
- USN-7008-1
- USN-7009-1
- VU:799380
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |