SLE 15 Kernel module development container based on the SLE Base Container Image.
Last scanned on: May 04, 2025 13:46
| Package Name | Severity | Status | Description | Reference links | |
|---|---|---|---|---|---|
| kernel-default-devel | HIGH | fixed |
Security update for the Linux Kernel Vulnerability ID: SUSE-SU-2025:0201-1 Installed Version: 5.14.21-150500.55.68.1 Fixed Version: 5.14.21-150500.55.91.1 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332). - CVE-2022-48742: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (bsc#1226694). - CVE-2022-49033: btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() (bsc#1232045). - CVE-2023-1382: Fixed denial of service in tipc_conn_close (bsc#1209288). - CVE-2023-33951: Fixed a race condition that could have led to an information disclosure inside the vmwgfx driver (bsc#1211593). - CVE-2023-33952: Fixed a double free that could have led to a local privilege escalation inside the vmwgfx driver (bsc#1211595). - CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823). - CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044). - CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820). - CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). - CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809). - CVE-2024-47666: scsi: pm80xx: Set phy->enable_completion only when we wait for it (bsc#1231453). - CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854). - CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166). - CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157). - CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419). - CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038). - CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050). - CVE-2024-50181: clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (bsc#1233127). - CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324). - CVE-2024-50211: udf: refactor inode_bmap() to handle error (bsc#1233096). - CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200). - CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239). - CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized delayed_work on cache_ctr error (bsc#1233467 bsc#1233469). - CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467). - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468). - CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485). - CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547). - CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550). - CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568). - CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464). - CVE-2024-53072: platform/x86/amd/pmc: Detect when STB is not available (bsc#1233564). - CVE-2024-53090: afs: Fix lock recursion (bsc#1233637). - CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642). - CVE-2024-53101: fs: Fix uninitialized value issue in from_kuid and from_kgid (bsc#1233769). - CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077). - CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072). - CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073). - CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076). - CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156). - CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219). - CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220). - CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). - CVE-2024-53150: ALSA: usb-audio: Fix out of bounds reads when finding clock sources (bsc#1234834). - CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). - CVE-2024-53157: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (bsc#1234827). - CVE-2024-53158: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (bsc#1234811). - CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856). - CVE-2024-53162: crypto: qat/qat_4xxx - fix off by one in uof_get_name() (bsc#1234843). - CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). - CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). - CVE-2024-53210: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (bsc#1234971). - CVE-2024-53213: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (bsc#1234973). - CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). - CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). - CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). - CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282). - CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). - CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). - CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912). - CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035). - CVE-2024-56571: media: uvcvideo: Require entities to have a non-zero unique ID (bsc#1235037). - CVE-2024-56575: media: imx-jpeg: Ensure power suppliers be suspended before detach them (bsc#1235039). - CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220). - CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). - CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). - CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224). - CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920). The following non-security bugs were fixed: - ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294) - Documentation: Add x86/amd_hsmp driver (jsc#PED-1295). - Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes). - Drop a couple of block layer git-fixes (bsc#1170891 bsc#1173139) - KVM: x86: fix sending PV IPI (git-fixes). - NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes). - NFSD: Fix nfsd4_shutdown_copy() (git-fixes). - NFSD: Move fill_pre_wcc() and fill_post_wcc() (bsc#1234650 bsc#1233701 bsc#1232472). - NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes). - NFSD: Prevent a potential integer overflow (git-fixes). - NFSD: reduce locking in nfsd_lookup() (bsc#1234650 bsc#1233701 bsc#1232472). - NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes). - PCI: vmd: Fix secondary bus reset for Intel bridges (git-fixes). - RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes) - README: Clean-up trailing whitespace - SUNRPC: make sure cache entry active before cache_show (git-fixes). - amd_hsmp: Add HSMP protocol version 5 messages (jsc#PED-1295). - arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605) - arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes). - arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes). - arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes). - arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator (git-fixes). - arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion (git-fixes). - arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes). - autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes). - autofs: use flexible array in ioctl structure (git-fixes). - devlink: allow registering parameters after the instance (bsc#1231388 bsc#1230422). - devlink: do not require setting features before registration (bsc#1231388 bsc#1230422). - dma-fence: Fix reference leak on fence merge failure path (git-fixes). - dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357). - dmaengine: idxd: add wq driver name support for accel-config user tool (bsc#1234357). - drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes). - drm/v3d: Enable Performance Counters before clearing them (git-fixes). - exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes). - fixup 'rpm: support gz and zst compression methods' once more (bsc#1190428, bsc#1190358) Fixes: 3b8c4d9bcc24 ('rpm: support gz and zst compression methods') Fixes: 23510fce36ec ('fixup 'rpm: support gz and zst compression methods'') - hfsplus: do not query the device logical block size multiple times (git-fixes). - idpf: add support for SW triggered interrupts (bsc#1235507). - idpf: enable WB_ON_ITR (bsc#1235507). - idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507). - ipc/sem: Fix dangling sem_array access in semtimedop race (bsc#1234727). - jffs2: Fix rtime decompressor (git-fixes). - jffs2: Prevent rtime decompress memory corruption (git-fixes). - jffs2: fix use of uninitialized variable (git-fixes). - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes). - jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes). - jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes). - jfs: fix shift-out-of-bounds in dbSplit (git-fixes). - jfs: xattr: check invalid xattr size more strictly (git-fixes). - kabi/severities: ignore intermodule symbols between fsl_fman and fsl_dpaa_eth - kernel-binary: do not BuildIgnore m4. It is actually needed for regenerating zconf when it is not up-to-date due to merge. - kobject: Add sanity check for kset->kobj.ktype in kset_register() (bsc#1234639). - memory: tegra: Add API for retrieving carveout bounds (jsc#PED-1763). - mm/kfence: reset PG_slab and memcg_data before freeing __kfence_pool (bsc#1234120). - mmc: core: Further prevent card detect during shutdown (git-fixes). - net/ipv6: release expired exception dst cached in socket (bsc#1216813). - net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246). - nfsd: make sure exp active before svc_export_show (git-fixes). - nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234650 bsc#1233701 bsc#1232472). - nfsd: restore callback functionality for NFSv4.0 (git-fixes). - nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes). - nilfs2: prevent use of deleted inode (git-fixes). - ocfs2: uncache inode which has failed entering the group (bsc#1234087). - phy: tegra: p2u: Set ENABLE_L2_EXIT_RATE_CHANGE in calibration (jsc#PED-1763). - platform/x86: Add AMD system management interface (jsc#PED-1295). - proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes). - pwm: tegra: Improve required rate calculation (jsc#PED-1763). - regmap: detach regmap from dev on regmap_exit (git-fixes). - rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression - scatterlist: fix incorrect func name in kernel-doc (git-fixes). - scripts/git_sort/git_sort.py: add tegra DRM and linux-pwm repo - scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes). - serial: tegra: Read DMA status before terminating (jsc#PED-1763). - smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: this fixes issue discussed in bsc#1233642]. - spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes). - sunrpc: simplify two-level sysctl registration for svcrdma_parm_table (git-fixes). - supported.conf: add bsc1185010 dependency - supported.conf: hyperv_drm (jsc#sle-19733) - svcrdma: Address an integer overflow (git-fixes). - svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes). - tpm_tis_spi: Release chip select when flow control fails (bsc#1234338) - ubifs: Correct the total block count by deducting journal reservation (git-fixes). - ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes). - udf: Handle error when adding extent to a file (bsc#1234437). - udf: refactor udf_current_aext() to handle error (bsc#1234240). - udf: refactor udf_next_aext() to handle error (bsc#1234241). - usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes). - usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git-fixes). - x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes). - x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes). - x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes). - x86/fpu: Remove unused supervisor only offsets (git-fixes). - x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes). - x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes). - x86/mce: Allow instrumentation during task work queueing (git-fixes). - x86/mce: Mark mce_end() noinstr (git-fixes). - x86/mce: Mark mce_panic() noinstr (git-fixes). - x86/mce: Mark mce_read_aux() noinstr (git-fixes). - x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes). - x86/sev: Make enc_dec_hypercall() accept a size instead of npages (bsc#1214635). - x86/sgx: Free backing memory after faulting the enclave page (git-fixes). - x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes). - x86/uaccess: Move variable into switch case statement (git-fixes). - x86: Annotate call_on_stack() (git-fixes). - xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909). - zonefs: fix zone report size in __zonefs_io_error() (git-fixes). |
|
|
| kernel-default-devel | HIGH | fixed |
Security update for the Linux Kernel Vulnerability ID: SUSE-SU-2025:0201-2 Installed Version: 5.14.21-150500.55.68.1 Fixed Version: 5.14.21-150500.55.91.1 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332). - CVE-2022-48742: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (bsc#1226694). - CVE-2022-49033: btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() (bsc#1232045). - CVE-2023-1382: Fixed denial of service in tipc_conn_close (bsc#1209288). - CVE-2023-33951: Fixed a race condition that could have led to an information disclosure inside the vmwgfx driver (bsc#1211593). - CVE-2023-33952: Fixed a double free that could have led to a local privilege escalation inside the vmwgfx driver (bsc#1211595). - CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823). - CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044). - CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820). - CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). - CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809). - CVE-2024-47666: scsi: pm80xx: Set phy->enable_completion only when we wait for it (bsc#1231453). - CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854). - CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166). - CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157). - CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419). - CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038). - CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050). - CVE-2024-50181: clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (bsc#1233127). - CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324). - CVE-2024-50211: udf: refactor inode_bmap() to handle error (bsc#1233096). - CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200). - CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239). - CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized delayed_work on cache_ctr error (bsc#1233467 bsc#1233469). - CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467). - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468). - CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485). - CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547). - CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550). - CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568). - CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464). - CVE-2024-53072: platform/x86/amd/pmc: Detect when STB is not available (bsc#1233564). - CVE-2024-53090: afs: Fix lock recursion (bsc#1233637). - CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642). - CVE-2024-53101: fs: Fix uninitialized value issue in from_kuid and from_kgid (bsc#1233769). - CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077). - CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072). - CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073). - CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076). - CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156). - CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219). - CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220). - CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). - CVE-2024-53150: ALSA: usb-audio: Fix out of bounds reads when finding clock sources (bsc#1234834). - CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). - CVE-2024-53157: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (bsc#1234827). - CVE-2024-53158: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (bsc#1234811). - CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856). - CVE-2024-53162: crypto: qat/qat_4xxx - fix off by one in uof_get_name() (bsc#1234843). - CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). - CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). - CVE-2024-53210: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (bsc#1234971). - CVE-2024-53213: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (bsc#1234973). - CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). - CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). - CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). - CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282). - CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). - CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). - CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912). - CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035). - CVE-2024-56571: media: uvcvideo: Require entities to have a non-zero unique ID (bsc#1235037). - CVE-2024-56575: media: imx-jpeg: Ensure power suppliers be suspended before detach them (bsc#1235039). - CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220). - CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). - CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). - CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224). - CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920). The following non-security bugs were fixed: - ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294) - Documentation: Add x86/amd_hsmp driver (jsc#PED-1295). - Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes). - Drop a couple of block layer git-fixes (bsc#1170891 bsc#1173139) - KVM: x86: fix sending PV IPI (git-fixes). - NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes). - NFSD: Fix nfsd4_shutdown_copy() (git-fixes). - NFSD: Move fill_pre_wcc() and fill_post_wcc() (bsc#1234650 bsc#1233701 bsc#1232472). - NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes). - NFSD: Prevent a potential integer overflow (git-fixes). - NFSD: reduce locking in nfsd_lookup() (bsc#1234650 bsc#1233701 bsc#1232472). - NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes). - PCI: vmd: Fix secondary bus reset for Intel bridges (git-fixes). - RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes) - README: Clean-up trailing whitespace - SUNRPC: make sure cache entry active before cache_show (git-fixes). - amd_hsmp: Add HSMP protocol version 5 messages (jsc#PED-1295). - arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605) - arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes). - arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes). - arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes). - arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator (git-fixes). - arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion (git-fixes). - arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes). - autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes). - autofs: use flexible array in ioctl structure (git-fixes). - devlink: allow registering parameters after the instance (bsc#1231388 bsc#1230422). - devlink: do not require setting features before registration (bsc#1231388 bsc#1230422). - dma-fence: Fix reference leak on fence merge failure path (git-fixes). - dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357). - dmaengine: idxd: add wq driver name support for accel-config user tool (bsc#1234357). - drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes). - drm/v3d: Enable Performance Counters before clearing them (git-fixes). - exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes). - fixup 'rpm: support gz and zst compression methods' once more (bsc#1190428, bsc#1190358) Fixes: 3b8c4d9bcc24 ('rpm: support gz and zst compression methods') Fixes: 23510fce36ec ('fixup 'rpm: support gz and zst compression methods'') - hfsplus: do not query the device logical block size multiple times (git-fixes). - idpf: add support for SW triggered interrupts (bsc#1235507). - idpf: enable WB_ON_ITR (bsc#1235507). - idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507). - ipc/sem: Fix dangling sem_array access in semtimedop race (bsc#1234727). - jffs2: Fix rtime decompressor (git-fixes). - jffs2: Prevent rtime decompress memory corruption (git-fixes). - jffs2: fix use of uninitialized variable (git-fixes). - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes). - jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes). - jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes). - jfs: fix shift-out-of-bounds in dbSplit (git-fixes). - jfs: xattr: check invalid xattr size more strictly (git-fixes). - kabi/severities: ignore intermodule symbols between fsl_fman and fsl_dpaa_eth - kernel-binary: do not BuildIgnore m4. It is actually needed for regenerating zconf when it is not up-to-date due to merge. - kobject: Add sanity check for kset->kobj.ktype in kset_register() (bsc#1234639). - memory: tegra: Add API for retrieving carveout bounds (jsc#PED-1763). - mm/kfence: reset PG_slab and memcg_data before freeing __kfence_pool (bsc#1234120). - mmc: core: Further prevent card detect during shutdown (git-fixes). - net/ipv6: release expired exception dst cached in socket (bsc#1216813). - net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246). - nfsd: make sure exp active before svc_export_show (git-fixes). - nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234650 bsc#1233701 bsc#1232472). - nfsd: restore callback functionality for NFSv4.0 (git-fixes). - nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes). - nilfs2: prevent use of deleted inode (git-fixes). - ocfs2: uncache inode which has failed entering the group (bsc#1234087). - phy: tegra: p2u: Set ENABLE_L2_EXIT_RATE_CHANGE in calibration (jsc#PED-1763). - platform/x86: Add AMD system management interface (jsc#PED-1295). - proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes). - pwm: tegra: Improve required rate calculation (jsc#PED-1763). - regmap: detach regmap from dev on regmap_exit (git-fixes). - rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression - scatterlist: fix incorrect func name in kernel-doc (git-fixes). - scripts/git_sort/git_sort.py: add tegra DRM and linux-pwm repo - scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes). - serial: tegra: Read DMA status before terminating (jsc#PED-1763). - smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: this fixes issue discussed in bsc#1233642]. - spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes). - sunrpc: simplify two-level sysctl registration for svcrdma_parm_table (git-fixes). - supported.conf: add bsc1185010 dependency - supported.conf: hyperv_drm (jsc#sle-19733) - svcrdma: Address an integer overflow (git-fixes). - svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes). - tpm_tis_spi: Release chip select when flow control fails (bsc#1234338) - ubifs: Correct the total block count by deducting journal reservation (git-fixes). - ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes). - udf: Handle error when adding extent to a file (bsc#1234437). - udf: refactor udf_current_aext() to handle error (bsc#1234240). - udf: refactor udf_next_aext() to handle error (bsc#1234241). - usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes). - usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git-fixes). - x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes). - x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes). - x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes). - x86/fpu: Remove unused supervisor only offsets (git-fixes). - x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes). - x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes). - x86/mce: Allow instrumentation during task work queueing (git-fixes). - x86/mce: Mark mce_end() noinstr (git-fixes). - x86/mce: Mark mce_panic() noinstr (git-fixes). - x86/mce: Mark mce_read_aux() noinstr (git-fixes). - x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes). - x86/sev: Make enc_dec_hypercall() accept a size instead of npages (bsc#1214635). - x86/sgx: Free backing memory after faulting the enclave page (git-fixes). - x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes). - x86/uaccess: Move variable into switch case statement (git-fixes). - x86: Annotate call_on_stack() (git-fixes). - xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909). - zonefs: fix zone report size in __zonefs_io_error() (git-fixes). |
|
|
| kernel-default-devel | HIGH | fixed |
Security update for the Linux Kernel Vulnerability ID: SUSE-SU-2025:0577-1 Installed Version: 5.14.21-150500.55.68.1 Fixed Version: 5.14.21-150500.55.94.1 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36898: gpiolib: cdev: fix uninitialised kfifo (bsc#1225736). - CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088). - CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028). - CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request (bsc#1233055). - CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112). - CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb() (bsc#1233488). - CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025). - CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381). - CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234884). - CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896). - CVE-2024-53209: bnxt_en: Fix receive ring space parameters when XDP is active (bsc#1235002). - CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit() (bsc#1235011). - CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs initialization (bsc#1235123). - CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217). - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230). - CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (bsc#1235521). - CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466). - CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480). - CVE-2024-56642: tipc: Fix use-after-free of kernel socket in cleanup_bearer() (bsc#1235433). - CVE-2024-56645: can: j1939: j1939_session_new(): fix skb reference counting (bsc#1235134). - CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235451). - CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430). - CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441). - CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249). - CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584). - CVE-2024-56747: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (bsc#1234934). - CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645). - CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759). - CVE-2024-57792: power: supply: gpio-charger: Fix set charge current limits (bsc#1235764). - CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors (bsc#1235768). - CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (bsc#1235818). - CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling (bsc#1235814). - CVE-2024-57876: drm/dp_mst: Fix resetting msg rx state after topology removal (bsc#1235806). - CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235920). - CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction (bsc#1235969). The following non-security bugs were fixed: - NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847). - NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847). - NFS: Improve heuristic for readdirplus (bsc#1231847). - NFS: Trigger the 'ls -l' readdir heuristic sooner (bsc#1231847). - VFS: use system_unbound_wq for delayed_mntput (bsc#1234683). - ceph: improve error handling and short/overflow-read logic in __ceph_sync_read() (bsc#1228592). - ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980). - netfilter: nf_tables: validate family when identifying table via handle (bsc#1233778). - powerpc/pseries/vas: Add close() callback in vas_vm_ops struct (bsc#1234825). - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (git-fixes). |
|
|
| kernel-default-devel | HIGH | fixed |
Security update for the Linux Kernel Vulnerability ID: SUSE-SU-2025:0577-2 Installed Version: 5.14.21-150500.55.68.1 Fixed Version: 5.14.21-150500.55.94.1 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36898: gpiolib: cdev: fix uninitialised kfifo (bsc#1225736). - CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088). - CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028). - CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request (bsc#1233055). - CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112). - CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb() (bsc#1233488). - CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025). - CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381). - CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234884). - CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896). - CVE-2024-53209: bnxt_en: Fix receive ring space parameters when XDP is active (bsc#1235002). - CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit() (bsc#1235011). - CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs initialization (bsc#1235123). - CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217). - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230). - CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (bsc#1235521). - CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466). - CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480). - CVE-2024-56642: tipc: Fix use-after-free of kernel socket in cleanup_bearer() (bsc#1235433). - CVE-2024-56645: can: j1939: j1939_session_new(): fix skb reference counting (bsc#1235134). - CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235451). - CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430). - CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441). - CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249). - CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584). - CVE-2024-56747: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (bsc#1234934). - CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645). - CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759). - CVE-2024-57792: power: supply: gpio-charger: Fix set charge current limits (bsc#1235764). - CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors (bsc#1235768). - CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (bsc#1235818). - CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling (bsc#1235814). - CVE-2024-57876: drm/dp_mst: Fix resetting msg rx state after topology removal (bsc#1235806). - CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235920). - CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction (bsc#1235969). The following non-security bugs were fixed: - NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847). - NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847). - NFS: Improve heuristic for readdirplus (bsc#1231847). - NFS: Trigger the 'ls -l' readdir heuristic sooner (bsc#1231847). - VFS: use system_unbound_wq for delayed_mntput (bsc#1234683). - ceph: improve error handling and short/overflow-read logic in __ceph_sync_read() (bsc#1228592). - ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980). - netfilter: nf_tables: validate family when identifying table via handle (bsc#1233778). - powerpc/pseries/vas: Add close() callback in vas_vm_ops struct (bsc#1234825). - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (git-fixes). |
|
|
| kernel-default-devel | HIGH | fixed |
Security update for the Linux Kernel Vulnerability ID: SUSE-SU-2025:0833-1 Installed Version: 5.14.21-150500.55.68.1 Fixed Version: 5.14.21-150500.55.97.1 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033). - CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154). - CVE-2024-53226: RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (bsc#1236576) - CVE-2024-57948: mac802154: check local interfaces before deleting sdata list (bsc#1236677). - CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133). - CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025). - CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). - CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139). The following non-security bugs were fixed: - cpufreq/amd-pstate: Only print supported EPP values for performance governor (bsc#1236777). - iavf: fix the waiting time for initial reset (bsc#1235111). - ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1235111). - ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1235111). - ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1235111). - idpf: call set_real_num_queues in idpf_open (bsc#1236661 bsc#1237316). - ipv4/tcp: do not use per netns ctl sockets (bsc#1237693). - kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749). - net: Fix undefined behavior in netdev name allocation (bsc#1233749). - net: avoid UAF on deleted altname (bsc#1233749). - net: check for altname conflicts when changing netdev's netns (bsc#1233749). - net: core: Use the bitmap API to allocate bitmaps (bsc#1233749). - net: do not send a MOVE event when netdev changes netns (bsc#1233749). - net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749). - net: fix ifname in netlink ntf during netns move (bsc#1233749). - net: fix removing a namespace with conflicting altnames (bsc#1233749). - net: free altname using an RCU callback (bsc#1233749). - net: introduce a function to check if a netdev name is in use (bsc#1233749). - net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749). - net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). - net: mana: Cleanup 'mana' debugfs dir after cleanup of all children (bsc#1236760). - net: mana: Enable debugfs files for MANA device (bsc#1236758). - net: minor __dev_alloc_name() optimization (bsc#1233749). - net: move altnames together with the netdevice (bsc#1233749). - net: netvsc: Update default VMBus channels (bsc#1236757). - net: reduce indentation of __dev_alloc_name() (bsc#1233749). - net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749). - net: remove else after return in dev_prep_valid_name() (bsc#1233749). - net: trust the bitmap in __dev_alloc_name() (bsc#1233749). - nfsd: use explicit lock/unlock for directory ops (bsc#1234650 bsc#1233701 bsc#1232472). - rcu: Remove rcu_is_idle_cpu() (bsc#1236289). - scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes). - x86/aperfmperf: Dont wake idle CPUs in arch_freq_get_on_cpu() (bsc#1236289). - x86/aperfmperf: Integrate the fallback code from show_cpuinfo() (bsc#1236289). - x86/aperfmperf: Make parts of the frequency invariance code unconditional (bsc#1236289). - x86/aperfmperf: Put frequency invariance aperf/mperf data into a struct (bsc#1236289). - x86/aperfmperf: Replace aperfmperf_get_khz() (bsc#1236289). - x86/aperfmperf: Replace arch_freq_get_on_cpu() (bsc#1236289). - x86/aperfmperf: Restructure arch_scale_freq_tick() (bsc#1236289). - x86/aperfmperf: Separate AP/BP frequency invariance init (bsc#1236289). - x86/aperfmperf: Store aperf/mperf data for cpu frequency reads (bsc#1236289). - x86/aperfmperf: Untangle Intel and AMD frequency invariance init (bsc#1236289). - x86/aperfperf: Make it correct on 32bit and UP kernels (bsc#1236289). - x86/smp: Move APERF/MPERF code where it belongs (bsc#1236289). - x86/smp: Remove unnecessary assignment to local var freq_scale (bsc#1236289). - x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes). - x86/xen: allow larger contiguous memory regions in PV guests (bsc#1236951). - x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes). - xen/swiotlb: relax alignment requirements (bsc#1236951). |
|
|