SUSE-SU-2024:1320-1: important: Security update for the Linux Kernel

16 Apr 2024

      # Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:1320-1  
Rating: important  
References:

  * bsc#1212514
  * bsc#1220237
  * bsc#1220320
  * bsc#1220340
  * bsc#1220366
  * bsc#1220411
  * bsc#1220413
  * bsc#1220439
  * bsc#1220443
  * bsc#1220445
  * bsc#1220466
  * bsc#1220478
  * bsc#1220482
  * bsc#1220484
  * bsc#1220486
  * bsc#1220487
  * bsc#1220790
  * bsc#1220831
  * bsc#1220833
  * bsc#1220836
  * bsc#1220839
  * bsc#1220840
  * bsc#1220843
  * bsc#1220870
  * bsc#1220871
  * bsc#1220872
  * bsc#1220878
  * bsc#1220879
  * bsc#1220885
  * bsc#1220898
  * bsc#1220918
  * bsc#1220920
  * bsc#1220921
  * bsc#1220926
  * bsc#1220927
  * bsc#1220929
  * bsc#1220932
  * bsc#1220938
  * bsc#1220940
  * bsc#1220954
  * bsc#1220955
  * bsc#1220959
  * bsc#1220960
  * bsc#1220961
  * bsc#1220965
  * bsc#1220969
  * bsc#1220978
  * bsc#1220979
  * bsc#1220981
  * bsc#1220982
  * bsc#1220983
  * bsc#1220985
  * bsc#1220986
  * bsc#1220987
  * bsc#1220989
  * bsc#1220990
  * bsc#1221009
  * bsc#1221012
  * bsc#1221015
  * bsc#1221022
  * bsc#1221039
  * bsc#1221040
  * bsc#1221048
  * bsc#1221055
  * bsc#1221058
  * bsc#1221077
  * bsc#1221276
  * bsc#1221551
  * bsc#1221553
  * bsc#1221725
  * bsc#1222073
  * bsc#1222619
  * jsc#PED-5759

Cross-References:

  * CVE-2021-46925
  * CVE-2021-46926
  * CVE-2021-46927
  * CVE-2021-46929
  * CVE-2021-46930
  * CVE-2021-46931
  * CVE-2021-46933
  * CVE-2021-46936
  * CVE-2021-47082
  * CVE-2021-47087
  * CVE-2021-47091
  * CVE-2021-47093
  * CVE-2021-47094
  * CVE-2021-47095
  * CVE-2021-47096
  * CVE-2021-47097
  * CVE-2021-47098
  * CVE-2021-47099
  * CVE-2021-47100
  * CVE-2021-47101
  * CVE-2021-47102
  * CVE-2021-47104
  * CVE-2021-47105
  * CVE-2021-47107
  * CVE-2021-47108
  * CVE-2022-48626
  * CVE-2022-48629
  * CVE-2022-48630
  * CVE-2023-35827
  * CVE-2023-52450
  * CVE-2023-52454
  * CVE-2023-52469
  * CVE-2023-52470
  * CVE-2023-52474
  * CVE-2023-52477
  * CVE-2023-52492
  * CVE-2023-52497
  * CVE-2023-52501
  * CVE-2023-52502
  * CVE-2023-52504
  * CVE-2023-52507
  * CVE-2023-52508
  * CVE-2023-52509
  * CVE-2023-52510
  * CVE-2023-52511
  * CVE-2023-52513
  * CVE-2023-52515
  * CVE-2023-52517
  * CVE-2023-52519
  * CVE-2023-52520
  * CVE-2023-52523
  * CVE-2023-52524
  * CVE-2023-52525
  * CVE-2023-52528
  * CVE-2023-52529
  * CVE-2023-52532
  * CVE-2023-52564
  * CVE-2023-52566
  * CVE-2023-52567
  * CVE-2023-52569
  * CVE-2023-52574
  * CVE-2023-52575
  * CVE-2023-52576
  * CVE-2023-52582
  * CVE-2023-52583
  * CVE-2023-52597
  * CVE-2023-52605
  * CVE-2023-52621
  * CVE-2024-25742
  * CVE-2024-26600

CVSS scores:

  * CVE-2021-46925 ( SUSE ):  5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-46925 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-46926 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-46927 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-46927 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-46929 ( SUSE ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  * CVE-2021-46929 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-46930 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2021-46930 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-46931 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-46931 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-46933 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2021-46933 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-46936 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-46936 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47082 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47087 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2021-47093 ( SUSE ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
  * CVE-2021-47094 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2021-47095 ( SUSE ):  5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47096 ( SUSE ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  * CVE-2021-47097 ( SUSE ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2021-47099 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47100 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47101 ( SUSE ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  * CVE-2021-47102 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47104 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2021-47105 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2021-47107 ( SUSE ):  6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2021-47108 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48626 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2022-48629 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2022-48630 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-35827 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52450 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52450 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52454 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52469 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2023-52470 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52474 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  * CVE-2023-52477 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52492 ( SUSE ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52497 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-52501 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-52502 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52504 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52507 ( SUSE ):  5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-52508 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52509 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52510 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52511 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52513 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52515 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52517 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52519 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52520 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52523 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52524 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52525 ( SUSE ):  3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  * CVE-2023-52528 ( SUSE ):  3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-52529 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52532 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52564 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52566 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52567 ( SUSE ):  2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
  * CVE-2023-52569 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52574 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52575 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52576 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52582 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52583 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52597 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
  * CVE-2023-52605 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52621 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-25742 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-26600 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

  * openSUSE Leap Micro 5.3
  * openSUSE Leap Micro 5.4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves 70 vulnerabilities, contains one feature and has two
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

  * CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466).
  * CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-
    acpi (bsc#1220478).
  * CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use
    get_user_pages_unlocked() (bsc#1220443).
  * CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump()
    (bsc#1220482).
  * CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
  * CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq()
    (bsc#1220486).
  * CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
  * CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
  * CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969).
  * CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
  * CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path
    (bsc#1220959).
  * CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core
    (bsc#1220978).
  * CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551).
  * CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
  * CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi
    (bsc#1220981).
  * CVE-2021-47097: Fixed stack out of bound access in
    elantech_change_report_id() (bsc#1220982).
  * CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations
    hwmon: (lm90) (bsc#1220983).
  * CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are
    cloned (bsc#1220955).
  * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
  * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
  * CVE-2021-47102: Fixed incorrect structure access In line: upper =
    info->upper_dev in net/marvell/prestera (bsc#1221009).
  * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts()
    (bsc#1220960).
  * CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961).
  * CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965).
  * CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in
    drm/mediatek (bsc#1220986).
  * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart
    (bsc#1220366).
  * CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989).
  * CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in
    crypto: qcom-rng (bsc#1220990).
  * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work()
    (bsc#1212514).
  * CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology()
    (bsc#1220237).
  * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU
    length (bsc#1220320).
  * CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table
    (bsc#1220411).
  * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
  * CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec
    user SDMA requests (bsc#1220445).
  * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors
    (bsc#1220790).
  * CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration
    function __dma_async_device_channel_register() (bsc#1221276).
  * CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879).
  * CVE-2023-52501: Fixed possible memory corruption in ring-buffer
    (bsc#1220885).
  * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and
    nfc_llcp_sock_get_sn() (bsc#1220831).
  * CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a
    5-level paging machine (bsc#1221553).
  * CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
  * CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid()
    (bsc#1221015).
  * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work()
    (bsc#1220836).
  * CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898).
  * CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012).
  * CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022).
  * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
  * CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO
    drain in spi/sun6i (bsc#1221055).
  * CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc
    (bsc#1220920).
  * CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi
    (bsc#1220921).
  * CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf
    (bsc#1220926).
  * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
  * CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet()
    (bsc#1220840).
  * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg()
    (bsc#1220843).
  * CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929).
  * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932).
  * CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux()
    (bsc#1220938).
  * CVE-2023-52566: Fixed potential use after free in
    nilfs_gccache_submit_read_data() (bsc#1220940).
  * CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ
    polling (irq = 0) (bsc#1220839).
  * CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to
    insert delayed dir index item (bsc#1220918).
  * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870).
  * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off
    (bsc#1220871).
  * CVE-2023-52576: Fixed potential use after free in memblock_isolate_range()
    (bsc#1220872).
  * CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878).
  * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph
    (bsc#1221058).
  * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040).
  * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039)
  * CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073).
  * CVE-2024-25742: Fixed insufficient validation during #VC instruction
    emulation in x86/sev (bsc#1221725).
  * CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2
    (bsc#1220340).

The following non-security bugs were fixed:

  * doc/README.SUSE: Update information about module support status
    (jsc#PED-5759)
  * group-source-files.pl: Quote filenames (boo#1221077).
  * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap Micro 5.3  
    zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1320=1

  * openSUSE Leap Micro 5.4  
    zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1320=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2024-1320=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2024-1320=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2024-1320=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2024-1320=1

## Package List:

  * openSUSE Leap Micro 5.3 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.76.1
  * openSUSE Leap Micro 5.3 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.76.1
    * kernel-rt-debugsource-5.14.21-150400.15.76.1
  * openSUSE Leap Micro 5.4 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.76.1
  * openSUSE Leap Micro 5.4 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.76.1
    * kernel-rt-debugsource-5.14.21-150400.15.76.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.76.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.76.1
    * kernel-rt-debugsource-5.14.21-150400.15.76.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * kernel-source-rt-5.14.21-150400.15.76.1
  * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.76.1
  * SUSE Linux Enterprise Micro 5.3 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.76.1
    * kernel-rt-debugsource-5.14.21-150400.15.76.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * kernel-source-rt-5.14.21-150400.15.76.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.76.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.76.1
    * kernel-rt-debugsource-5.14.21-150400.15.76.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * kernel-source-rt-5.14.21-150400.15.76.1
  * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.76.1
  * SUSE Linux Enterprise Micro 5.4 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.76.1
    * kernel-rt-debugsource-5.14.21-150400.15.76.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * kernel-source-rt-5.14.21-150400.15.76.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-46925.html
  * https://www.suse.com/security/cve/CVE-2021-46926.html
  * https://www.suse.com/security/cve/CVE-2021-46927.html
  * https://www.suse.com/security/cve/CVE-2021-46929.html
  * https://www.suse.com/security/cve/CVE-2021-46930.html
  * https://www.suse.com/security/cve/CVE-2021-46931.html
  * https://www.suse.com/security/cve/CVE-2021-46933.html
  * https://www.suse.com/security/cve/CVE-2021-46936.html
  * https://www.suse.com/security/cve/CVE-2021-47082.html
  * https://www.suse.com/security/cve/CVE-2021-47087.html
  * https://www.suse.com/security/cve/CVE-2021-47091.html
  * https://www.suse.com/security/cve/CVE-2021-47093.html
  * https://www.suse.com/security/cve/CVE-2021-47094.html
  * https://www.suse.com/security/cve/CVE-2021-47095.html
  * https://www.suse.com/security/cve/CVE-2021-47096.html
  * https://www.suse.com/security/cve/CVE-2021-47097.html
  * https://www.suse.com/security/cve/CVE-2021-47098.html
  * https://www.suse.com/security/cve/CVE-2021-47099.html
  * https://www.suse.com/security/cve/CVE-2021-47100.html
  * https://www.suse.com/security/cve/CVE-2021-47101.html
  * https://www.suse.com/security/cve/CVE-2021-47102.html
  * https://www.suse.com/security/cve/CVE-2021-47104.html
  * https://www.suse.com/security/cve/CVE-2021-47105.html
  * https://www.suse.com/security/cve/CVE-2021-47107.html
  * https://www.suse.com/security/cve/CVE-2021-47108.html
  * https://www.suse.com/security/cve/CVE-2022-48626.html
  * https://www.suse.com/security/cve/CVE-2022-48629.html
  * https://www.suse.com/security/cve/CVE-2022-48630.html
  * https://www.suse.com/security/cve/CVE-2023-35827.html
  * https://www.suse.com/security/cve/CVE-2023-52450.html
  * https://www.suse.com/security/cve/CVE-2023-52454.html
  * https://www.suse.com/security/cve/CVE-2023-52469.html
  * https://www.suse.com/security/cve/CVE-2023-52470.html
  * https://www.suse.com/security/cve/CVE-2023-52474.html
  * https://www.suse.com/security/cve/CVE-2023-52477.html
  * https://www.suse.com/security/cve/CVE-2023-52492.html
  * https://www.suse.com/security/cve/CVE-2023-52497.html
  * https://www.suse.com/security/cve/CVE-2023-52501.html
  * https://www.suse.com/security/cve/CVE-2023-52502.html
  * https://www.suse.com/security/cve/CVE-2023-52504.html
  * https://www.suse.com/security/cve/CVE-2023-52507.html
  * https://www.suse.com/security/cve/CVE-2023-52508.html
  * https://www.suse.com/security/cve/CVE-2023-52509.html
  * https://www.suse.com/security/cve/CVE-2023-52510.html
  * https://www.suse.com/security/cve/CVE-2023-52511.html
  * https://www.suse.com/security/cve/CVE-2023-52513.html
  * https://www.suse.com/security/cve/CVE-2023-52515.html
  * https://www.suse.com/security/cve/CVE-2023-52517.html
  * https://www.suse.com/security/cve/CVE-2023-52519.html
  * https://www.suse.com/security/cve/CVE-2023-52520.html
  * https://www.suse.com/security/cve/CVE-2023-52523.html
  * https://www.suse.com/security/cve/CVE-2023-52524.html
  * https://www.suse.com/security/cve/CVE-2023-52525.html
  * https://www.suse.com/security/cve/CVE-2023-52528.html
  * https://www.suse.com/security/cve/CVE-2023-52529.html
  * https://www.suse.com/security/cve/CVE-2023-52532.html
  * https://www.suse.com/security/cve/CVE-2023-52564.html
  * https://www.suse.com/security/cve/CVE-2023-52566.html
  * https://www.suse.com/security/cve/CVE-2023-52567.html
  * https://www.suse.com/security/cve/CVE-2023-52569.html
  * https://www.suse.com/security/cve/CVE-2023-52574.html
  * https://www.suse.com/security/cve/CVE-2023-52575.html
  * https://www.suse.com/security/cve/CVE-2023-52576.html
  * https://www.suse.com/security/cve/CVE-2023-52582.html
  * https://www.suse.com/security/cve/CVE-2023-52583.html
  * https://www.suse.com/security/cve/CVE-2023-52597.html
  * https://www.suse.com/security/cve/CVE-2023-52605.html
  * https://www.suse.com/security/cve/CVE-2023-52621.html
  * https://www.suse.com/security/cve/CVE-2024-25742.html
  * https://www.suse.com/security/cve/CVE-2024-26600.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1212514
  * https://bugzilla.suse.com/show_bug.cgi?id=1220237
  * https://bugzilla.suse.com/show_bug.cgi?id=1220320
  * https://bugzilla.suse.com/show_bug.cgi?id=1220340
  * https://bugzilla.suse.com/show_bug.cgi?id=1220366
  * https://bugzilla.suse.com/show_bug.cgi?id=1220411
  * https://bugzilla.suse.com/show_bug.cgi?id=1220413
  * https://bugzilla.suse.com/show_bug.cgi?id=1220439
  * https://bugzilla.suse.com/show_bug.cgi?id=1220443
  * https://bugzilla.suse.com/show_bug.cgi?id=1220445
  * https://bugzilla.suse.com/show_bug.cgi?id=1220466
  * https://bugzilla.suse.com/show_bug.cgi?id=1220478
  * https://bugzilla.suse.com/show_bug.cgi?id=1220482
  * https://bugzilla.suse.com/show_bug.cgi?id=1220484
  * https://bugzilla.suse.com/show_bug.cgi?id=1220486
  * https://bugzilla.suse.com/show_bug.cgi?id=1220487
  * https://bugzilla.suse.com/show_bug.cgi?id=1220790
  * https://bugzilla.suse.com/show_bug.cgi?id=1220831
  * https://bugzilla.suse.com/show_bug.cgi?id=1220833
  * https://bugzilla.suse.com/show_bug.cgi?id=1220836
  * https://bugzilla.suse.com/show_bug.cgi?id=1220839
  * https://bugzilla.suse.com/show_bug.cgi?id=1220840
  * https://bugzilla.suse.com/show_bug.cgi?id=1220843
  * https://bugzilla.suse.com/show_bug.cgi?id=1220870
  * https://bugzilla.suse.com/show_bug.cgi?id=1220871
  * https://bugzilla.suse.com/show_bug.cgi?id=1220872
  * https://bugzilla.suse.com/show_bug.cgi?id=1220878
  * https://bugzilla.suse.com/show_bug.cgi?id=1220879
  * https://bugzilla.suse.com/show_bug.cgi?id=1220885
  * https://bugzilla.suse.com/show_bug.cgi?id=1220898
  * https://bugzilla.suse.com/show_bug.cgi?id=1220918
  * https://bugzilla.suse.com/show_bug.cgi?id=1220920
  * https://bugzilla.suse.com/show_bug.cgi?id=1220921
  * https://bugzilla.suse.com/show_bug.cgi?id=1220926
  * https://bugzilla.suse.com/show_bug.cgi?id=1220927
  * https://bugzilla.suse.com/show_bug.cgi?id=1220929
  * https://bugzilla.suse.com/show_bug.cgi?id=1220932
  * https://bugzilla.suse.com/show_bug.cgi?id=1220938
  * https://bugzilla.suse.com/show_bug.cgi?id=1220940
  * https://bugzilla.suse.com/show_bug.cgi?id=1220954
  * https://bugzilla.suse.com/show_bug.cgi?id=1220955
  * https://bugzilla.suse.com/show_bug.cgi?id=1220959
  * https://bugzilla.suse.com/show_bug.cgi?id=1220960
  * https://bugzilla.suse.com/show_bug.cgi?id=1220961
  * https://bugzilla.suse.com/show_bug.cgi?id=1220965
  * https://bugzilla.suse.com/show_bug.cgi?id=1220969
  * https://bugzilla.suse.com/show_bug.cgi?id=1220978
  * https://bugzilla.suse.com/show_bug.cgi?id=1220979
  * https://bugzilla.suse.com/show_bug.cgi?id=1220981
  * https://bugzilla.suse.com/show_bug.cgi?id=1220982
  * https://bugzilla.suse.com/show_bug.cgi?id=1220983
  * https://bugzilla.suse.com/show_bug.cgi?id=1220985
  * https://bugzilla.suse.com/show_bug.cgi?id=1220986
  * https://bugzilla.suse.com/show_bug.cgi?id=1220987
  * https://bugzilla.suse.com/show_bug.cgi?id=1220989
  * https://bugzilla.suse.com/show_bug.cgi?id=1220990
  * https://bugzilla.suse.com/show_bug.cgi?id=1221009
  * https://bugzilla.suse.com/show_bug.cgi?id=1221012
  * https://bugzilla.suse.com/show_bug.cgi?id=1221015
  * https://bugzilla.suse.com/show_bug.cgi?id=1221022
  * https://bugzilla.suse.com/show_bug.cgi?id=1221039
  * https://bugzilla.suse.com/show_bug.cgi?id=1221040
  * https://bugzilla.suse.com/show_bug.cgi?id=1221048
  * https://bugzilla.suse.com/show_bug.cgi?id=1221055
  * https://bugzilla.suse.com/show_bug.cgi?id=1221058
  * https://bugzilla.suse.com/show_bug.cgi?id=1221077
  * https://bugzilla.suse.com/show_bug.cgi?id=1221276
  * https://bugzilla.suse.com/show_bug.cgi?id=1221551
  * https://bugzilla.suse.com/show_bug.cgi?id=1221553
  * https://bugzilla.suse.com/show_bug.cgi?id=1221725
  * https://bugzilla.suse.com/show_bug.cgi?id=1222073
  * https://bugzilla.suse.com/show_bug.cgi?id=1222619
  * https://jira.suse.com/browse/PED-5759

OPENSUSE-SECURITY-UPDATES

tags

participants (1)