SUSE-IU-2025:353-1: Security update of suse/sle-micro/rt-5.5

sle-container-updates at lists.suse.com
Sat Jan 25 08:05:17 UTC 2025


SUSE Image Update Advisory: suse/sle-micro/rt-5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:353-1
Image Tags        : suse/sle-micro/rt-5.5:2.0.4 , suse/sle-micro/rt-5.5:2.0.4-4.5.294 , suse/sle-micro/rt-5.5:latest
Image Release     : 4.5.294
Severity          : important
Type              : security
References        : 1135481 1170891 1171420 1173139 1175543 1181006 1185010 1187211
                        1187619 1188412 1188616 1188700 1188983 1188985 1189760 1189762
                        1189870 1189872 1190117 1190131 1190181 1190358 1190412 1190428
                        1203332 1205521 1209288 1209798 1211593 1211595 1215304 1216813
                        1216909 1219608 1222878 1223044 1225758 1225820 1226694 1228190
                        1229809 1230422 1230697 1231388 1231453 1231854 1232045 1232157
                        1232166 1232419 1232436 1232472 1232823 1233038 1233050 1233070
                        1233096 1233127 1233200 1233239 1233324 1233467 1233468 1233469
                        1233485 1233547 1233550 1233558 1233564 1233568 1233637 1233701
                        1233769 1233837 1234072 1234073 1234075 1234076 1234077 1234087
                        1234120 1234156 1234219 1234220 1234240 1234241 1234281 1234282
                        1234294 1234338 1234357 1234437 1234464 1234605 1234639 1234650
                        1234727 1234811 1234827 1234834 1234843 1234846 1234853 1234856
                        1234891 1234912 1234920 1234921 1234960 1234963 1234971 1234973
                        1235004 1235035 1235037 1235039 1235054 1235056 1235061 1235073
                        1235220 1235224 1235246 1235507 CVE-2020-12770 CVE-2021-34556
                        CVE-2021-35477 CVE-2021-38160 CVE-2021-47202 CVE-2022-36280 CVE-2022-48742
                        CVE-2022-49033 CVE-2022-49035 CVE-2023-1382 CVE-2023-33951 CVE-2023-33952
                        CVE-2023-52920 CVE-2024-24860 CVE-2024-26886 CVE-2024-26924 CVE-2024-36915
                        CVE-2024-42232 CVE-2024-44934 CVE-2024-47666 CVE-2024-47678 CVE-2024-49944
                        CVE-2024-49952 CVE-2024-50018 CVE-2024-50143 CVE-2024-50154 CVE-2024-50166
                        CVE-2024-50181 CVE-2024-50202 CVE-2024-50211 CVE-2024-50256 CVE-2024-50262
                        CVE-2024-50278 CVE-2024-50279 CVE-2024-50280 CVE-2024-50296 CVE-2024-53051
                        CVE-2024-53055 CVE-2024-53056 CVE-2024-53064 CVE-2024-53072 CVE-2024-53090
                        CVE-2024-53101 CVE-2024-53113 CVE-2024-53114 CVE-2024-53119 CVE-2024-53120
                        CVE-2024-53122 CVE-2024-53125 CVE-2024-53130 CVE-2024-53131 CVE-2024-53142
                        CVE-2024-53146 CVE-2024-53150 CVE-2024-53156 CVE-2024-53157 CVE-2024-53158
                        CVE-2024-53161 CVE-2024-53162 CVE-2024-53173 CVE-2024-53179 CVE-2024-53206
                        CVE-2024-53210 CVE-2024-53213 CVE-2024-53214 CVE-2024-53239 CVE-2024-53240
                        CVE-2024-53241 CVE-2024-56539 CVE-2024-56548 CVE-2024-56549 CVE-2024-56570
                        CVE-2024-56571 CVE-2024-56575 CVE-2024-56598 CVE-2024-56604 CVE-2024-56605
                        CVE-2024-56619 CVE-2024-56755 CVE-2024-8805 
-----------------------------------------------------------------

The container suse/sle-micro/rt-5.5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:229-1
Released:    Fri Jan 24 11:10:23 2025
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1135481,1170891,1171420,1173139,1175543,1181006,1185010,1187211,1187619,1188412,1188616,1188700,1188983,1188985,1189760,1189762,1189870,1189872,1190117,1190131,1190181,1190358,1190412,1190428,1203332,1205521,1209288,1209798,1211593,1211595,1215304,1216813,1216909,1219608,1222878,1223044,1225758,1225820,1226694,1228190,1229809,1230422,1230697,1231388,1231453,1231854,1232045,1232157,1232166,1232419,1232436,1232472,1232823,1233038,1233050,1233070,1233096,1233127,1233200,1233239,1233324,1233467,1233468,1233469,1233485,1233547,1233550,1233558,1233564,1233568,1233637,1233701,1233769,1233837,1234072,1234073,1234075,1234076,1234077,1234087,1234120,1234156,1234219,1234220,1234240,1234241,1234281,1234282,1234294,1234338,1234357,1234437,1234464,1234605,1234639,1234650,1234727,1234811,1234827,1234834,1234843,1234846,1234853,1234856,1234891,1234912,1234920,1234921,1234960,1234963,1234971,1234973,1235004,1235035,1235037,1235039,1235054,1235056,1235061,1235073,1235220,1235224,1235246,1235507,CVE-2020-12770,CVE-2021-34556,CVE-2021-35477,CVE-2021-38160,CVE-2021-47202,CVE-2022-36280,CVE-2022-48742,CVE-2022-49033,CVE-2022-49035,CVE-2023-1382,CVE-2023-33951,CVE-2023-33952,CVE-2023-52920,CVE-2024-24860,CVE-2024-26886,CVE-2024-26924,CVE-2024-36915,CVE-2024-42232,CVE-2024-44934,CVE-2024-47666,CVE-2024-47678,CVE-2024-49944,CVE-2024-49952,CVE-2024-50018,CVE-2024-50143,CVE-2024-50154,CVE-2024-50166,CVE-2024-50181,CVE-2024-50202,CVE-2024-50211,CVE-2024-50256,CVE-2024-50262,CVE-2024-50278,CVE-2024-50279,CVE-2024-50280,CVE-2024-50296,CVE-2024-53051,CVE-2024-53055,CVE-2024-53056,CVE-2024-53064,CVE-2024-53072,CVE-2024-53090,CVE-2024-53101,CVE-2024-53113,CVE-2024-53114,CVE-2024-53119,CVE-2024-53120,CVE-2024-53122,CVE-2024-53125,CVE-2024-53130,CVE-2024-53131,CVE-2024-53142,CVE-2024-53146,CVE-2024-53150,CVE-2024-53156,CVE-2024-53157,CVE-2024-53158,CVE-2024-53161,CVE-2024-53162,CVE-2024-53173,CVE-2024-53179,CVE-2024-53206,CVE-2024-53210,CVE-2024-53213,CVE-2024-53214,CVE-2024-53239,CVE-2024-53240,CVE-2024-53241,CVE-2024-56539,CVE-2024-56548,CVE-2024-56549,CVE-2024-56570,CVE-2024-56571,CVE-2024-56575,CVE-2024-56598,CVE-2024-56604,CVE-2024-56605,CVE-2024-56619,CVE-2024-56755,CVE-2024-8805

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).
- CVE-2022-48742: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (bsc#1226694).
- CVE-2022-49033: btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() (bsc#1232045).
- CVE-2023-1382: Fixed denial of service in tipc_conn_close (bsc#1209288).
- CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823).
- CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044).
- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
- CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809).
- CVE-2024-47666: scsi: pm80xx: Set phy->enable_completion only when we wait for it (bsc#1231453).
- CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854).
- CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166).
- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).
- CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419).
- CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038).
- CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050).
- CVE-2024-50181: clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (bsc#1233127).
- CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324).
- CVE-2024-50211: udf: refactor inode_bmap() to handle error (bsc#1233096).
- CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200).
- CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239).
- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).
- CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547).
- CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550).
- CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568).
- CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558).
- CVE-2024-53072: platform/x86/amd/pmc: Detect when STB is not available (bsc#1233564).
- CVE-2024-53090: afs: Fix lock recursion (bsc#1233637).
- CVE-2024-53101: fs: Fix uninitialized value issue in from_kuid and from_kgid (bsc#1233769).
- CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077).
- CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072).
- CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073).
- CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
- CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219).
- CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220).
- CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).
- CVE-2024-53150: ALSA: usb-audio: Fix out of bounds reads when finding clock sources (bsc#1234834).
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).
- CVE-2024-53157: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (bsc#1234827).
- CVE-2024-53158: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (bsc#1234811).
- CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856).
- CVE-2024-53162: crypto: qat/qat_4xxx - fix off by one in uof_get_name() (bsc#1234843).
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).
- CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
- CVE-2024-53210: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (bsc#1234971).
- CVE-2024-53213: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (bsc#1234973).
- CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
- CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).
- CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
- CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (bsc#1234282).
- CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).
- CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).
- CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912).
- CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035).
- CVE-2024-56571: media: uvcvideo: Require entities to have a non-zero unique ID (bsc#1235037).
- CVE-2024-56575: media: imx-jpeg: Ensure power suppliers be suspended before detach them (bsc#1235039).
- CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220).
- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).
- CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224).
- CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920).

The following non-security bugs were fixed:

- ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294)
- amd_hsmp: Add HSMP protocol version 5 messages (jsc#PED-1295).
- arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes).
- arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes).
- arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes).
- arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator (git-fixes).
- arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion (git-fixes).
- arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes).
- arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605)
- autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes).
- autofs: use flexible array in ioctl structure (git-fixes).
- devlink: allow registering parameters after the instance (bsc#1231388 bsc#1230422).
- devlink: do not require setting features before registration (bsc#1231388 bsc#1230422).
- dma-fence: Fix reference leak on fence merge failure path (git-fixes).
- dmaengine: idxd: add wq driver name support for accel-config user tool (bsc#1234357).
- dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357).
- Documentation: Add x86/amd_hsmp driver (jsc#PED-1295).
- Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes).
- drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes).
- drm/v3d: Enable Performance Counters before clearing them (git-fixes).
- exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes).
- hfsplus: do not query the device logical block size multiple times (git-fixes).
- idpf: add support for SW triggered interrupts (bsc#1235507).
- idpf: enable WB_ON_ITR (bsc#1235507).
- idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507).
- ipc/sem: Fix dangling sem_array access in semtimedop race (bsc#1234727).
- jffs2: Fix rtime decompressor (git-fixes).
- jffs2: fix use of uninitialized variable (git-fixes).
- jffs2: Prevent rtime decompress memory corruption (git-fixes).
- jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes).
- jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes).
- jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes).
- jfs: fix shift-out-of-bounds in dbSplit (git-fixes).
- jfs: xattr: check invalid xattr size more strictly (git-fixes).
- kabi/severities: ignore intermodule symbols between fsl_fman and fsl_dpaa_eth
- kobject: Add sanity check for kset->kobj.ktype in kset_register() (bsc#1234639).
- KVM: x86: fix sending PV IPI (git-fixes).
- memory: tegra: Add API for retrieving carveout bounds (jsc#PED-1763).
- mm/kfence: reset PG_slab and memcg_data before freeing __kfence_pool (bsc#1234120).
- mmc: core: Further prevent card detect during shutdown (git-fixes).
- net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246).
- net/ipv6: release expired exception dst cached in socket (bsc#1216813).
- NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes).
- NFSD: Fix nfsd4_shutdown_copy() (git-fixes).
- nfsd: make sure exp active before svc_export_show (git-fixes).
- NFSD: Move fill_pre_wcc() and fill_post_wcc() (bsc#1234650 bsc#1233701 bsc#1232472).
- NFSD: Prevent a potential integer overflow (git-fixes).
- NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes).
- NFSD: reduce locking in nfsd_lookup() (bsc#1234650 bsc#1233701 bsc#1232472).
- nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234650 bsc#1233701 bsc#1232472).
- nfsd: restore callback functionality for NFSv4.0 (git-fixes).
- NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes).
- nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes).
- nilfs2: prevent use of deleted inode (git-fixes).
- ocfs2: uncache inode which has failed entering the group (bsc#1234087).
- PCI: vmd: Fix secondary bus reset for Intel bridges (git-fixes).
- phy: tegra: p2u: Set ENABLE_L2_EXIT_RATE_CHANGE in calibration (jsc#PED-1763).
- platform/x86: Add AMD system management interface (jsc#PED-1295).
- proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes).
- pwm: tegra: Improve required rate calculation (jsc#PED-1763).
- RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes)
- regmap: detach regmap from dev on regmap_exit (git-fixes).
- scatterlist: fix incorrect func name in kernel-doc (git-fixes).
- scripts/git_sort/git_sort.py: add tegra DRM and linux-pwm repo
- scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes).
- serial: tegra: Read DMA status before terminating (jsc#PED-1763).
- smb: client: fix TCP timers deadlock after rmmod (git-fixes) (bsc#1233642).
- spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes).
- SUNRPC: make sure cache entry active before cache_show (git-fixes).
- sunrpc: simplify two-level sysctl registration for svcrdma_parm_table (git-fixes).
- svcrdma: Address an integer overflow (git-fixes).
- svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes).
- tpm_tis_spi: Release chip select when flow control fails (bsc#1234338)
- ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes).
- ubifs: Correct the total block count by deducting journal reservation (git-fixes).
- udf: Handle error when adding extent to a file (bsc#1234437).
- udf: refactor udf_current_aext() to handle error (bsc#1234240).
- udf: refactor udf_next_aext() to handle error (bsc#1234241).
- usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes).
- usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git-fixes).
- x86: Annotate call_on_stack() (git-fixes).
- x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes).
- x86/fpu: Remove unused supervisor only offsets (git-fixes).
- x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes).
- x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes).
- x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes).
- x86/mce: Allow instrumentation during task work queueing (git-fixes).
- x86/mce: Mark mce_end() noinstr (git-fixes).
- x86/mce: Mark mce_panic() noinstr (git-fixes).
- x86/mce: Mark mce_read_aux() noinstr (git-fixes).
- x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).
- x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes).
- x86/sgx: Free backing memory after faulting the enclave page (git-fixes).
- x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes).
- x86/uaccess: Move variable into switch case statement (git-fixes).
- xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909).
- zonefs: fix zone report size in __zonefs_io_error() (git-fixes).


The following package changes have been done:

- kernel-rt-5.14.21-150500.13.82.1 updated

