From null at suse.de Thu Jan 2 12:30:07 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 02 Jan 2025 12:30:07 -0000
Subject: SUSE-SU-2025:0006-1: important: Security update for python-Jinja2
Message-ID: <173582100715.13380.15854013850200810582@smelt2.prg2.suse.org>

# Security update for python-Jinja2

Announcement ID: SUSE-SU-2025:0006-1
Release Date: 2025-01-02T08:45:38Z
Rating: important
References:

* bsc#1234808
* bsc#1234809

Cross-References:

* CVE-2024-56201
* CVE-2024-56326

CVSS scores:

* CVE-2024-56201 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56201 ( NVD ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-56201 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56326 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56326 ( NVD ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-56326 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python-Jinja2 fixes the following issues:

* CVE-2024-56201: Fixed sandbox breakout through malicious content and filename of a template (bsc#1234808)
* CVE-2024-56326: Fixed sandbox breakout through indirect reference to format method (bsc#1234809)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-6=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2025-6=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-6=1
* Public Cloud Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-6=1
* Python 3 Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-6=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-6=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-6=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-6=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-6=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-6=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-6=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-6=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-6=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-6=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * python311-Jinja2-3.1.2-150400.12.11.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * python311-Jinja2-3.1.2-150400.12.11.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * python311-Jinja2-3.1.2-150400.12.11.1
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  * python311-Jinja2-3.1.2-150400.12.11.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * python311-Jinja2-3.1.2-150400.12.11.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * python311-Jinja2-3.1.2-150400.12.11.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * python311-Jinja2-3.1.2-150400.12.11.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * python311-Jinja2-3.1.2-150400.12.11.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * python311-Jinja2-3.1.2-150400.12.11.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64)
  * python311-Jinja2-3.1.2-150400.12.11.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * python311-Jinja2-3.1.2-150400.12.11.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * python311-Jinja2-3.1.2-150400.12.11.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * python311-Jinja2-3.1.2-150400.12.11.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * python311-Jinja2-3.1.2-150400.12.11.1

## References:

* https://www.suse.com/security/cve/CVE-2024-56201.html
* https://www.suse.com/security/cve/CVE-2024-56326.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234808
* https://bugzilla.suse.com/show_bug.cgi?id=1234809

From null at suse.de Thu Jan 2 12:30:12 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 02 Jan 2025 12:30:12 -0000
Subject: SUSE-SU-2025:0005-1: important: Security update for liboqs, oqs-provider
Message-ID: <173582101288.13380.9147266469967651326@smelt2.prg2.suse.org>

# Security update for liboqs, oqs-provider

Announcement ID: SUSE-SU-2025:0005-1
Release Date: 2025-01-02T08:01:46Z
Rating: important
References:

* bsc#1226162
* bsc#1226468
* bsc#1234292

Cross-References:

* CVE-2024-36405
* CVE-2024-37305
* CVE-2024-54137

CVSS scores:

* CVE-2024-36405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-37305 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2024-54137 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2024-54137 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for liboqs, oqs-provider fixes the following issues:

This update supplies the new FIPS standardized ML-KEM, ML-DSA, SLH-DSA algorithms.

This updates liboqs to 0.12.0:

* This release updates the ML-DSA implementation to the final FIPS 204 version. This release still includes the NIST Round 3 version of Dilithium for interoperability purposes, but we plan to remove Dilithium Round 3 in a future release.
* This will be the last release of liboqs to include Kyber (that is, the NIST Round 3 version of Kyber, prior to its standardization by NIST as ML-KEM in FIPS 203). Applications should switch to ML-KEM (FIPS 203).
* The addition of ML-DSA FIPS 204 final version to liboqs has introduced a new signature API which includes a context string parameter. We are planning to remove the old version of the API without a context string in the next release to streamline the API and bring it in line with NIST specifications. Users who have an opinion on this removal are invited to provide input at https://github.com/open-quantum-safe/liboqs/issues/2001.

Security issues:

* CVE-2024-54137: Fixed bug in HQC decapsulation that leads to incorrect shared secret value during decapsulation when called with an invalid ciphertext. (bsc#1234292)
* new library major version 7

Updated to 0.11.0:

* This release updates ML-KEM implementations to their final FIPS 203 (https://csrc.nist.gov/pubs/fips/203/final) versions.
* This release still includes the NIST Round 3 version of Kyber for interoperability purposes, but we plan to remove Kyber Round 3 in a future release.
* Additionally, this release adds support for MAYO and CROSS digital signature schemes from NIST Additional Signatures Round 1 (https://csrc.nist.gov/Projects/pqc-dig-sig/round-1-additional-signatures) along with stateful hash-based signature schemes XMSS (https://datatracker.ietf.org/doc/html/rfc8391) and LMS (https://datatracker.ietf.org/doc/html/rfc8554).
* Finally, this release provides formally verified implementations of Kyber-512 and Kyber-768 from libjade (https://github.com/formosa-crypto/libjade/releases/tag/release%2F2023.05-2).
* LMS and XMSS are disabled by default due to the security risks associated with their use in software. See the note on stateful hash-based signatures in CONFIGURE.md
* Key encapsulation mechanisms:
  * Kyber: Added formally-verified portable C and AVX2 implementations of Kyber-512 and Kyber-768 from libjade.
  * ML-KEM: Updated portable C and AVX2 implementations of ML-KEM-512, ML-KEM-768, and ML-KEM-1024 to FIPS 203 version.
  * Kyber: Patched ARM64 implementations of Kyber-512, Kyber-768, and Kyber-1024 to work with AddressSanitizer.
* Digital signature schemes:
  * LMS/XMSS: Added implementations of stateful hash-based signature schemes: XMSS and LMS
  * MAYO: Added portable C and AVX2 implementations of MAYO signature scheme from NIST Additional Signatures Round 1.
  * CROSS: Added portable C and AVX2 implementations of CROSS signature scheme from NIST Additional Signatures Round 1.
* Other changes:
  * Added callback API to use custom implementations of AES, SHA2, and SHA3.
  * Refactor SHA3 implementation to use OpenSSL's EVP_DigestSqueeze() API.
* new library major version 6

Updated to 0.10.1:

* This release is a security release which fixes potential non-constant-time behaviour in ML-KEM and Kyber. (bsc#1226162 CVE-2024-36405) It also includes a fix for incorrectly named macros in the ML-DSA implementation.

Updated to 0.10.0:

Key encapsulation mechanisms:

* BIKE: Updated portable C implementation to include constant-time fixes from upstream.
* HQC: Updated to NIST Round 4 version.
* ML-KEM: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-KEM-512, ML-KEM-768, and ML-KEM-1024.

Digital signature schemes:

* Falcon: Updated portable C, AVX2, and AArch64 implementations to support fixed-length (PADDED-format) signatures. Fixed the maximum length of variable-length signatures to comply with the NIST Round 3 specification.
* ML-DSA: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-DSA-44, ML-DSA-65, and ML-DSA-87.

Other changes:

* Improved thread safety.
* Removed support for the "NIST-KAT" DRBG.
* Added extended KAT test programs.
* library major version changed from 4 to 5

This update also updates oqs-provider to 0.7.0:

* Adds support for MAYO from Round 1 of NIST's Post-Quantum Signature On-Ramp process.
* Adds support for CROSS from Round 1 of NIST's Post-Quantum Signature On-Ramp process.
* Updates ML-KEM's code points in line with internet draft draft-kwiatkowski-tls-ecdhe-mlkem-02.
* Reverses keyshares for X25519MLKEM768 and X448-ML-KEM-768 TLS hybrids in line with draft-kwiatkowski-tls-ecdhe-mlkem-02.

Updated to 0.6.1:

* CVE-2024-37305: Fixed buffer overflow in deserialization of hybrid keys and signatures (bsc#1226468)

Updated to 0.6.0:

* First availability of standardized PQ algorithms, e.g., ML-KEM, ML-DSA
* Support for Composite PQ operations
* Alignment with PQ algorithm implementations as provided by liboqs 0.10.0, most notably updating HQC and Falcon.
* Implementation of security code review recommendations
* Support for more hybrid operations as fully documented here.
* Support for extraction of classical and hybrid key material

Updated to 0.5.3:

* only tracking parallel liboqs security update

Updated to 0.5.2:

* Algorithm updates as documented in the liboqs 0.9.0 release notes
* Standard coding style
* Enhanced memory leak protection
* Added community cooperation documentation
* (optional) KEM algorithm en-/decoder feature

Updated to 0.5.1:

* Documentation update
* document specs
* General documentation overhaul
* change TLS demo to use QSC alg
* Build a module instead of a shared library.
* explain groups in USAGE

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-5=1 openSUSE-SLE-15.6-2025-5=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-5=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * oqs-provider-debuginfo-0.7.0-150600.3.3.1
  * liboqs7-debuginfo-0.12.0-150600.3.3.1
  * oqs-provider-0.7.0-150600.3.3.1
  * liboqs7-0.12.0-150600.3.3.1
  * liboqs-devel-0.12.0-150600.3.3.1
* openSUSE Leap 15.6 (x86_64)
  * liboqs7-32bit-0.12.0-150600.3.3.1
  * liboqs7-32bit-debuginfo-0.12.0-150600.3.3.1
  * liboqs-devel-32bit-0.12.0-150600.3.3.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * liboqs7-64bit-0.12.0-150600.3.3.1
  * liboqs-devel-64bit-0.12.0-150600.3.3.1
  * liboqs7-64bit-debuginfo-0.12.0-150600.3.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * oqs-provider-debuginfo-0.7.0-150600.3.3.1
  * liboqs7-debuginfo-0.12.0-150600.3.3.1
  * oqs-provider-0.7.0-150600.3.3.1
  * liboqs7-0.12.0-150600.3.3.1
  * liboqs-devel-0.12.0-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-36405.html
* https://www.suse.com/security/cve/CVE-2024-37305.html
* https://www.suse.com/security/cve/CVE-2024-54137.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226162
* https://bugzilla.suse.com/show_bug.cgi?id=1226468
* https://bugzilla.suse.com/show_bug.cgi?id=1234292

From null at suse.de Fri Jan 3 20:30:04 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 03 Jan 2025 20:30:04 -0000
Subject: SUSE-SU-2025:0012-1: moderate: Security update for sysstat
Message-ID: <173593620479.28906.9124982243209003772@smelt2.prg2.suse.org>

# Security update for sysstat

Announcement ID: SUSE-SU-2025:0012-1
Release Date: 2025-01-03T16:51:05Z
Rating: moderate
References:

* bsc#1205224
* bsc#1211507

Cross-References:

* CVE-2022-39377
* CVE-2023-33204

CVSS scores:

* CVE-2022-39377 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
* CVE-2022-39377 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-33204 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H
* CVE-2023-33204 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for sysstat fixes the following issues:

* CVE-2023-33204: Fixed a multiplication integer overflow in check_overflow in common.c (bsc#1211507)
* CVE-2022-39377: Fixed arithmetic overflow in allocate_structures() (bsc#1205224)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-12=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * sysstat-debugsource-12.0.2-20.23.1
  * sysstat-12.0.2-20.23.1
  * sysstat-debuginfo-12.0.2-20.23.1
  * sysstat-isag-12.0.2-20.23.1

## References:

* https://www.suse.com/security/cve/CVE-2022-39377.html
* https://www.suse.com/security/cve/CVE-2023-33204.html
* https://bugzilla.suse.com/show_bug.cgi?id=1205224
* https://bugzilla.suse.com/show_bug.cgi?id=1211507

From null at suse.de Fri Jan 3 20:30:10 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 03 Jan 2025 20:30:10 -0000
Subject: SUSE-SU-2025:0011-1: moderate: Security update for pcp
Message-ID: <173593621035.28906.2206447635789396715@smelt2.prg2.suse.org>

# Security update for pcp

Announcement ID: SUSE-SU-2025:0011-1
Release Date: 2025-01-03T16:49:10Z
Rating: moderate
References:

* bsc#1217826
* bsc#1222815
* bsc#1230551
* bsc#1230552
* bsc#1231345

Cross-References:

* CVE-2023-6917
* CVE-2024-45769
* CVE-2024-45770

CVSS scores:

* CVE-2023-6917 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-45769 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-45769 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45769 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45770 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2024-45770 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
* CVE-2024-45770 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Affected Products:

* openSUSE Leap 15.4

An update that solves three vulnerabilities and has two security fixes can now be installed.

## Description:

This update for pcp fixes the following issues:

Upgrade to 6.2.0 (bsc#1217826 / PED#8192):

* CVE-2024-45770: Fixed symlink race (bsc#1230552).
* CVE-2024-45769: Fixed pmstore corruption (bsc#1230551)
* CVE-2023-6917: Fixed local privilege escalation from pcp user to root (bsc#1217826).

Bug fixes:

* Reintroduce libuv support for SLE >= 15 (bsc#1231345).
* move pmlogger_daily into main package (bsc#1222815)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-11=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * pcp-pmda-summary-6.2.0-150400.5.9.1
  * pcp-pmda-summary-debuginfo-6.2.0-150400.5.9.1
  * libpcp_mmv1-6.2.0-150400.5.9.1
  * libpcp3-debuginfo-6.2.0-150400.5.9.1
  * libpcp_web1-debuginfo-6.2.0-150400.5.9.1
  * pcp-devel-6.2.0-150400.5.9.1
  * pcp-pmda-cifs-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-sockets-debuginfo-6.2.0-150400.5.9.1
  * libpcp_trace2-6.2.0-150400.5.9.1
  * pcp-devel-debuginfo-6.2.0-150400.5.9.1
  * pcp-import-collectl2pcp-6.2.0-150400.5.9.1
  * pcp-pmda-bind2-6.2.0-150400.5.9.1
  * pcp-pmda-smart-6.2.0-150400.5.9.1
  * pcp-testsuite-debuginfo-6.2.0-150400.5.9.1
  * libpcp_web1-6.2.0-150400.5.9.1
  * pcp-pmda-docker-6.2.0-150400.5.9.1
  * pcp-pmda-cifs-6.2.0-150400.5.9.1
  * pcp-testsuite-6.2.0-150400.5.9.1
  * pcp-pmda-nvidia-gpu-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-zimbra-debuginfo-6.2.0-150400.5.9.1
  * pcp-system-tools-6.2.0-150400.5.9.1
  * pcp-pmda-shping-6.2.0-150400.5.9.1
  * pcp-6.2.0-150400.5.9.1
  * libpcp-devel-6.2.0-150400.5.9.1
  * pcp-pmda-hacluster-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-lustrecomm-6.2.0-150400.5.9.1
  * pcp-pmda-logger-debuginfo-6.2.0-150400.5.9.1
  * libpcp_gui2-debuginfo-6.2.0-150400.5.9.1
  * libpcp_import1-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-zimbra-6.2.0-150400.5.9.1
  * pcp-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-apache-6.2.0-150400.5.9.1
  * pcp-pmda-bash-6.2.0-150400.5.9.1
  * pcp-pmda-mailq-6.2.0-150400.5.9.1
  * libpcp_gui2-6.2.0-150400.5.9.1
  * pcp-debugsource-6.2.0-150400.5.9.1
  * perl-PCP-LogImport-debuginfo-6.2.0-150400.5.9.1
  * pcp-system-tools-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-trace-6.2.0-150400.5.9.1
  * pcp-pmda-sendmail-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-apache-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-gfs2-6.2.0-150400.5.9.1
  * pcp-pmda-mounts-6.2.0-150400.5.9.1
  * pcp-pmda-cisco-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-mounts-debuginfo-6.2.0-150400.5.9.1
  * perl-PCP-MMV-6.2.0-150400.5.9.1
  * pcp-pmda-weblog-debuginfo-6.2.0-150400.5.9.1
  * perl-PCP-MMV-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-dm-6.2.0-150400.5.9.1
  * libpcp_mmv1-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-hacluster-6.2.0-150400.5.9.1
  * pcp-pmda-roomtemp-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-weblog-6.2.0-150400.5.9.1
  * libpcp_trace2-debuginfo-6.2.0-150400.5.9.1
  * libpcp3-6.2.0-150400.5.9.1
  * pcp-pmda-systemd-6.2.0-150400.5.9.1
  * perl-PCP-LogImport-6.2.0-150400.5.9.1
  * python3-pcp-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-sendmail-6.2.0-150400.5.9.1
  * pcp-pmda-docker-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-dm-debuginfo-6.2.0-150400.5.9.1
  * perl-PCP-PMDA-6.2.0-150400.5.9.1
  * pcp-pmda-roomtemp-6.2.0-150400.5.9.1
  * python3-pcp-6.2.0-150400.5.9.1
  * pcp-gui-debuginfo-6.2.0-150400.5.9.1
  * pcp-import-collectl2pcp-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-lustrecomm-debuginfo-6.2.0-150400.5.9.1
  * pcp-gui-6.2.0-150400.5.9.1
  * pcp-pmda-smart-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-trace-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-shping-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-sockets-6.2.0-150400.5.9.1
  * perl-PCP-LogSummary-6.2.0-150400.5.9.1
  * libpcp_import1-6.2.0-150400.5.9.1
  * pcp-pmda-systemd-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-cisco-6.2.0-150400.5.9.1
  * pcp-pmda-bash-debuginfo-6.2.0-150400.5.9.1
  * perl-PCP-PMDA-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-mailq-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-nvidia-gpu-6.2.0-150400.5.9.1
  * pcp-pmda-logger-6.2.0-150400.5.9.1
  * pcp-pmda-gfs2-debuginfo-6.2.0-150400.5.9.1
* openSUSE Leap 15.4 (noarch)
  * pcp-pmda-gluster-6.2.0-150400.5.9.1
  * pcp-doc-6.2.0-150400.5.9.1
  * pcp-pmda-ds389log-6.2.0-150400.5.9.1
  * pcp-pmda-elasticsearch-6.2.0-150400.5.9.1
  * pcp-pmda-openvswitch-6.2.0-150400.5.9.1
  * pcp-pmda-nutcracker-6.2.0-150400.5.9.1
  * pcp-pmda-ds389-6.2.0-150400.5.9.1
  * pcp-pmda-unbound-6.2.0-150400.5.9.1
  * pcp-import-iostat2pcp-6.2.0-150400.5.9.1
  * pcp-pmda-postfix-6.2.0-150400.5.9.1
  * pcp-pmda-bonding-6.2.0-150400.5.9.1
  * pcp-pmda-lustre-6.2.0-150400.5.9.1
  * pcp-pmda-news-6.2.0-150400.5.9.1
  * pcp-pmda-samba-6.2.0-150400.5.9.1
  * pcp-import-sar2pcp-6.2.0-150400.5.9.1
  * pcp-pmda-json-6.2.0-150400.5.9.1
  * pcp-pmda-mysql-6.2.0-150400.5.9.1
  * pcp-pmda-netcheck-6.2.0-150400.5.9.1
  * pcp-export-pcp2zabbix-6.2.0-150400.5.9.1
  * pcp-pmda-memcache-6.2.0-150400.5.9.1
  * pcp-pmda-zswap-6.2.0-150400.5.9.1
  * pcp-pmda-oracle-6.2.0-150400.5.9.1
  * pcp-import-ganglia2pcp-6.2.0-150400.5.9.1
  * pcp-pmda-rsyslog-6.2.0-150400.5.9.1
  * pcp-zeroconf-6.2.0-150400.5.9.1
  * pcp-pmda-lmsensors-6.2.0-150400.5.9.1
  * pcp-pmda-activemq-6.2.0-150400.5.9.1
  * pcp-pmda-netfilter-6.2.0-150400.5.9.1
  * pcp-export-pcp2elasticsearch-6.2.0-150400.5.9.1
  * pcp-import-mrtg2pcp-6.2.0-150400.5.9.1
  * pcp-pmda-mic-6.2.0-150400.5.9.1
  * pcp-pmda-slurm-6.2.0-150400.5.9.1
  * pcp-export-pcp2json-6.2.0-150400.5.9.1
  * pcp-export-pcp2graphite-6.2.0-150400.5.9.1
  * pcp-pmda-named-6.2.0-150400.5.9.1
  * pcp-pmda-gpfs-6.2.0-150400.5.9.1
  * pcp-pmda-haproxy-6.2.0-150400.5.9.1
  * pcp-export-pcp2influxdb-6.2.0-150400.5.9.1
  * pcp-conf-6.2.0-150400.5.9.1
  * pcp-pmda-nginx-6.2.0-150400.5.9.1
  * pcp-pmda-openmetrics-6.2.0-150400.5.9.1
  * pcp-pmda-dbping-6.2.0-150400.5.9.1
  * pcp-pmda-pdns-6.2.0-150400.5.9.1
  * pcp-pmda-redis-6.2.0-150400.5.9.1
  * pcp-pmda-snmp-6.2.0-150400.5.9.1
  * pcp-pmda-gpsd-6.2.0-150400.5.9.1
  * pcp-pmda-nfsclient-6.2.0-150400.5.9.1
  * pcp-export-pcp2spark-6.2.0-150400.5.9.1
  * pcp-export-pcp2xml-6.2.0-150400.5.9.1
  * pcp-pmda-rabbitmq-6.2.0-150400.5.9.1
* openSUSE Leap 15.4 (aarch64 ppc64le x86_64 i586)
  * pcp-pmda-perfevent-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-infiniband-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-infiniband-6.2.0-150400.5.9.1
  * pcp-pmda-perfevent-6.2.0-150400.5.9.1
* openSUSE Leap 15.4 (x86_64)
  * pcp-pmda-resctrl-debuginfo-6.2.0-150400.5.9.1
  * pcp-pmda-resctrl-6.2.0-150400.5.9.1

## References:

* https://www.suse.com/security/cve/CVE-2023-6917.html
* https://www.suse.com/security/cve/CVE-2024-45769.html
* https://www.suse.com/security/cve/CVE-2024-45770.html
* https://bugzilla.suse.com/show_bug.cgi?id=1217826
* https://bugzilla.suse.com/show_bug.cgi?id=1222815
* https://bugzilla.suse.com/show_bug.cgi?id=1230551
* https://bugzilla.suse.com/show_bug.cgi?id=1230552
* https://bugzilla.suse.com/show_bug.cgi?id=1231345

From null at suse.de Mon Jan 6 12:30:07 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 06 Jan 2025 12:30:07 -0000
Subject: SUSE-SU-2025:0019-1: moderate: Security update for sysstat
Message-ID: <173616660755.16706.15151931625414491743@smelt2.prg2.suse.org>

# Security update for sysstat

Announcement ID: SUSE-SU-2025:0019-1
Release Date: 2025-01-06T10:39:17Z
Rating: moderate
References:

* bsc#1202473
* bsc#1205224
* bsc#1211507

Cross-References:

* CVE-2022-39377
* CVE-2023-33204

CVSS scores:

* CVE-2022-39377 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
* CVE-2022-39377 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-33204 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H
* CVE-2023-33204 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* openSUSE Leap Micro 5.5
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities and has one security fix can now be installed.

## Description:

This update for sysstat fixes the following issues:

* CVE-2023-33204: Fixed a multiplication integer overflow in check_overflow in common.c (bsc#1211507)
* CVE-2022-39377: Fixed arithmetic overflow in allocate_structures() (bsc#1205224)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap Micro 5.5
  zypper in -t patch openSUSE-Leap-Micro-5.5-2025-19=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-19=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-19=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-19=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-19=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-19=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2025-19=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-19=1
* Server Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-19=1
* SUSE Linux Enterprise Micro 5.1
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-19=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-19=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-19=1

## Package List:

* openSUSE Leap Micro 5.5 (aarch64 s390x x86_64)
  * sysstat-debuginfo-12.0.2-150000.3.37.1
  * sysstat-debugsource-12.0.2-150000.3.37.1
  * sysstat-12.0.2-150000.3.37.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * sysstat-isag-12.0.2-150000.3.37.1
  * sysstat-debuginfo-12.0.2-150000.3.37.1
  * sysstat-debugsource-12.0.2-150000.3.37.1
  * sysstat-12.0.2-150000.3.37.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * sysstat-debuginfo-12.0.2-150000.3.37.1
  * sysstat-debugsource-12.0.2-150000.3.37.1
  * sysstat-12.0.2-150000.3.37.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * sysstat-debuginfo-12.0.2-150000.3.37.1
  * sysstat-debugsource-12.0.2-150000.3.37.1
  * sysstat-12.0.2-150000.3.37.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * sysstat-debuginfo-12.0.2-150000.3.37.1
  * sysstat-debugsource-12.0.2-150000.3.37.1
  * sysstat-12.0.2-150000.3.37.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * sysstat-debuginfo-12.0.2-150000.3.37.1
  * sysstat-debugsource-12.0.2-150000.3.37.1
  * sysstat-12.0.2-150000.3.37.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * sysstat-debuginfo-12.0.2-150000.3.37.1
  * sysstat-debugsource-12.0.2-150000.3.37.1
  * sysstat-12.0.2-150000.3.37.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * sysstat-debuginfo-12.0.2-150000.3.37.1
  * sysstat-debugsource-12.0.2-150000.3.37.1
  * sysstat-12.0.2-150000.3.37.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * sysstat-isag-12.0.2-150000.3.37.1
  * sysstat-debuginfo-12.0.2-150000.3.37.1
  * sysstat-debugsource-12.0.2-150000.3.37.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
  * sysstat-debuginfo-12.0.2-150000.3.37.1
  * sysstat-debugsource-12.0.2-150000.3.37.1
  * sysstat-12.0.2-150000.3.37.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
  * sysstat-debuginfo-12.0.2-150000.3.37.1
  * sysstat-debugsource-12.0.2-150000.3.37.1
  * sysstat-12.0.2-150000.3.37.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
  * sysstat-debuginfo-12.0.2-150000.3.37.1
  * sysstat-debugsource-12.0.2-150000.3.37.1
  * sysstat-12.0.2-150000.3.37.1

## References:

* https://www.suse.com/security/cve/CVE-2022-39377.html
* https://www.suse.com/security/cve/CVE-2023-33204.html
* https://bugzilla.suse.com/show_bug.cgi?id=1202473
* https://bugzilla.suse.com/show_bug.cgi?id=1205224
* https://bugzilla.suse.com/show_bug.cgi?id=1211507

From null at suse.de Mon Jan 6 12:30:10 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 06 Jan 2025 12:30:10 -0000
Subject: SUSE-SU-2025:0018-1: important: Security update for dpdk
Message-ID: <173616661014.16706.9531924346014476587@smelt2.prg2.suse.org>

# Security update for dpdk

Announcement ID: SUSE-SU-2025:0018-1
Release Date: 2025-01-06T10:38:22Z
Rating: important
References:

* bsc#1234718

Cross-References:

* CVE-2024-11614

CVSS scores:

* CVE-2024-11614 ( SUSE ): 7.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
* CVE-2024-11614 ( NVD ): 7.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for dpdk fixes the following issues:

* CVE-2024-11614: Fixed Denial Of Service from malicious guest on hypervisors using DPDK Vhost library (bsc#1234718)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Server Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-18=1
* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-18=1 openSUSE-SLE-15.6-2025-18=1

## Package List:

* Server Applications Module 15-SP6 (aarch64 ppc64le x86_64)
    * dpdk-22.11.1-150600.3.9.1
    * dpdk-kmp-default-debuginfo-22.11.1_k6.4.0_150600.23.30-150600.3.9.1
    * dpdk-debugsource-22.11.1-150600.3.9.1
    * dpdk-kmp-default-22.11.1_k6.4.0_150600.23.30-150600.3.9.1
    * dpdk-devel-22.11.1-150600.3.9.1
    * libdpdk-23-debuginfo-22.11.1-150600.3.9.1
    * dpdk-tools-22.11.1-150600.3.9.1
    * libdpdk-23-22.11.1-150600.3.9.1
    * dpdk-debuginfo-22.11.1-150600.3.9.1
* Server Applications Module 15-SP6 (aarch64)
    * dpdk-thunderx-debuginfo-22.11.1-150600.3.9.1
    * dpdk-thunderx-devel-22.11.1-150600.3.9.1
    * dpdk-thunderx-kmp-default-22.11.1_k6.4.0_150600.23.30-150600.3.9.1
    * dpdk-thunderx-debugsource-22.11.1-150600.3.9.1
    * dpdk-thunderx-22.11.1-150600.3.9.1
    * dpdk-thunderx-kmp-default-debuginfo-22.11.1_k6.4.0_150600.23.30-150600.3.9.1
* openSUSE Leap 15.6 (aarch64 ppc64le x86_64)
    * dpdk-22.11.1-150600.3.9.1
    * dpdk-kmp-default-debuginfo-22.11.1_k6.4.0_150600.23.30-150600.3.9.1
    * dpdk-debugsource-22.11.1-150600.3.9.1
    * dpdk-kmp-default-22.11.1_k6.4.0_150600.23.30-150600.3.9.1
    * dpdk-devel-22.11.1-150600.3.9.1
    * libdpdk-23-debuginfo-22.11.1-150600.3.9.1
    * dpdk-examples-22.11.1-150600.3.9.1
    * dpdk-devel-static-22.11.1-150600.3.9.1
    * dpdk-examples-debuginfo-22.11.1-150600.3.9.1
    * dpdk-tools-22.11.1-150600.3.9.1
    * libdpdk-23-22.11.1-150600.3.9.1
    * dpdk-debuginfo-22.11.1-150600.3.9.1
* openSUSE Leap 15.6 (noarch)
    * dpdk-thunderx-doc-22.11.1-150600.3.9.1
    * dpdk-doc-22.11.1-150600.3.9.1
* openSUSE Leap 15.6 (aarch64)
    * dpdk-thunderx-examples-22.11.1-150600.3.9.1
    * dpdk-thunderx-examples-debuginfo-22.11.1-150600.3.9.1
    * dpdk-thunderx-tools-22.11.1-150600.3.9.1
    * dpdk-thunderx-debuginfo-22.11.1-150600.3.9.1
    * dpdk-thunderx-devel-22.11.1-150600.3.9.1
    * dpdk-thunderx-kmp-default-22.11.1_k6.4.0_150600.23.30-150600.3.9.1
    * dpdk-thunderx-debugsource-22.11.1-150600.3.9.1
    * dpdk-thunderx-22.11.1-150600.3.9.1
    * dpdk-thunderx-devel-static-22.11.1-150600.3.9.1
    * dpdk-thunderx-kmp-default-debuginfo-22.11.1_k6.4.0_150600.23.30-150600.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2024-11614.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234718

From null at suse.de Mon Jan 6 12:30:14 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 06 Jan 2025 12:30:14 -0000
Subject: SUSE-SU-2025:0016-1: important: Security update for python-Jinja2
Message-ID: <173616661499.16706.16792500591762288660@smelt2.prg2.suse.org>

# Security update for python-Jinja2

Announcement ID: SUSE-SU-2025:0016-1
Release Date: 2025-01-06T09:02:52Z
Rating: important
References:

* bsc#1234809

Cross-References:

* CVE-2024-56326

CVSS scores:

* CVE-2024-56326 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56326 ( NVD ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-56326 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Public Cloud Module 12
* SUSE Linux Enterprise Desktop 12
* SUSE Linux Enterprise Desktop 12 SP1
* SUSE Linux Enterprise Desktop 12 SP2
* SUSE Linux Enterprise Desktop 12 SP3
* SUSE Linux Enterprise Desktop 12 SP4
* SUSE Linux Enterprise High Performance Computing 12 SP2
* SUSE Linux Enterprise High Performance Computing 12 SP3
* SUSE Linux Enterprise High Performance Computing 12 SP4
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12
* SUSE Linux Enterprise Server 12 SP1
* SUSE Linux Enterprise Server 12 SP2
* SUSE Linux Enterprise Server 12 SP3
* SUSE Linux Enterprise Server 12 SP4
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12
* SUSE Linux Enterprise Server for SAP Applications 12 SP1
* SUSE Linux Enterprise Server for SAP Applications 12 SP2
* SUSE Linux Enterprise Server for SAP Applications 12 SP3
* SUSE Linux Enterprise Server for SAP Applications 12 SP4
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
* SUSE Manager Client Tools for SLE 12

An update that solves one vulnerability can now be installed.

## Description:

This update for python-Jinja2 fixes the following issues:

* CVE-2024-56326: sandbox breakout through indirect reference to format method in template file. (bsc#1234809)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Manager Client Tools for SLE 12
  zypper in -t patch SUSE-SLE-Manager-Tools-12-2025-16=1
* Public Cloud Module 12
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-16=1

## Package List:

* SUSE Manager Client Tools for SLE 12 (noarch)
    * python-Jinja2-2.8-19.31.1
    * python3-Jinja2-2.8-19.31.1
* Public Cloud Module 12 (noarch)
    * python-Jinja2-2.8-19.31.1
    * python3-Jinja2-2.8-19.31.1

## References:

* https://www.suse.com/security/cve/CVE-2024-56326.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234809

From null at suse.de Tue Jan 7 12:30:03 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 07 Jan 2025 12:30:03 -0000
Subject: SUSE-SU-2025:0029-1: important: Security update for python-Jinja2
Message-ID: <173625300371.16729.17230113204355215286@smelt2.prg2.suse.org>

# Security update for python-Jinja2

Announcement ID: SUSE-SU-2025:0029-1
Release Date: 2025-01-07T10:42:30Z
Rating: important
References:

* bsc#1234809

Cross-References:

* CVE-2024-56326

CVSS scores:

* CVE-2024-56326 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56326 ( NVD ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-56326 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-Jinja2 fixes the following issues:

* CVE-2024-56326: Fixed sandbox breakout through indirect reference to format method (bsc#1234809)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Desktop 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-29=1
* SUSE Linux Enterprise Server 15 SP3 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-29=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-29=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-29=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-29=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-29=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-29=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-29=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-29=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-29=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2025-29=1
* SUSE Linux Enterprise Micro 5.1
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-29=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-29=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-29=1
* openSUSE Leap Micro 5.5
  zypper in -t patch openSUSE-Leap-Micro-5.5-2025-29=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2025-29=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-29=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-29=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-29=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-29=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2025-29=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-29=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-29=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-29=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-29=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-29=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-29=1

## Package List:

* SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Manager Proxy 4.3 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Manager Server 4.3 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Enterprise Storage 7.1 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise Micro 5.1 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise Micro 5.2 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* openSUSE Leap Micro 5.5 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* openSUSE Leap 15.5 (noarch)
    * python-Jinja2-emacs-2.10.1-150000.3.18.1
    * python-Jinja2-vim-2.10.1-150000.3.18.1
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* Basesystem Module 15-SP6 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * python3-Jinja2-2.10.1-150000.3.18.1

## References:

* https://www.suse.com/security/cve/CVE-2024-56326.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234809

From null at suse.de Tue Jan 7 16:30:08 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 07 Jan 2025 16:30:08 -0000
Subject: SUSE-SU-2025:0031-1: important: Security update for gtk3
Message-ID: <173626740859.5298.1413392487575767057@smelt2.prg2.suse.org>

# Security update for gtk3

Announcement ID: SUSE-SU-2025:0031-1
Release Date: 2025-01-07T14:44:22Z
Rating: important
References:

* bsc#1172879
* bsc#1228120

Cross-References:

* CVE-2024-6655

CVSS scores:

* CVE-2024-6655 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-6655 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for gtk3 fixes the following issues:

* CVE-2024-6655: Fixed library injection from current working directory (bsc#1228120).

Other fixes:
- Updated to version 3.24.43

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-31=1 openSUSE-SLE-15.6-2025-31=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-31=1
* Desktop Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-31=1

## Package List:

* openSUSE Leap 15.6 (noarch)
    * gtk3-devel-doc-3.24.43-150600.3.7.1
    * gnome-themes-accessibility-3.22.3-150000.4.5.1
    * gtk3-lang-3.24.43-150600.3.7.1
    * gtk2-metatheme-adwaita-3.22.3-150000.4.5.1
    * gtk3-data-3.24.43-150600.3.7.1
    * gtk3-branding-upstream-3.24.43-150600.3.7.1
    * gettext-its-gtk3-3.24.43-150600.3.7.1
    * gtk3-branding-SLE-15.0-150600.21.2.1
    * gnome-themes-accessibility-gtk2-3.22.3-150000.4.5.1
    * metatheme-adwaita-common-3.22.3-150000.4.5.1
    * gtk3-metatheme-adwaita-3.22.3-150000.4.5.1
    * gtk3-schema-3.24.43-150600.3.7.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * gtk3-immodule-multipress-debuginfo-3.24.43-150600.3.7.1
    * gtk3-devel-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-thai-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-amharic-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-inuktitut-3.24.43-150600.3.7.1
    * gtk3-immodule-vietnamese-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-thai-3.24.43-150600.3.7.1
    * gtk3-devel-3.24.43-150600.3.7.1
    * gtk3-immodule-xim-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-vietnamese-3.24.43-150600.3.7.1
    * gtk3-immodule-inuktitut-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-broadway-debuginfo-3.24.43-150600.3.7.1
    * gtk3-debugsource-3.24.43-150600.3.7.1
    * libgtk-3-0-debuginfo-3.24.43-150600.3.7.1
    * typelib-1_0-Gtk-3_0-3.24.43-150600.3.7.1
    * gtk3-tools-3.24.43-150600.3.7.1
    * gtk3-immodule-multipress-3.24.43-150600.3.7.1
    * gtk3-immodule-tigrigna-3.24.43-150600.3.7.1
    * gtk3-tools-debuginfo-3.24.43-150600.3.7.1
    * libgtk-3-0-3.24.43-150600.3.7.1
    * gtk3-immodule-xim-3.24.43-150600.3.7.1
    * gtk3-immodule-broadway-3.24.43-150600.3.7.1
    * gtk3-immodule-tigrigna-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-amharic-3.24.43-150600.3.7.1
* openSUSE Leap 15.6 (x86_64)
    * libgtk-3-0-32bit-3.24.43-150600.3.7.1
    * gtk3-tools-32bit-3.24.43-150600.3.7.1
    * gtk3-tools-32bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-amharic-32bit-debuginfo-3.24.43-150600.3.7.1
    * libgtk-3-0-32bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-devel-32bit-3.24.43-150600.3.7.1
    * gtk3-immodule-inuktitut-32bit-3.24.43-150600.3.7.1
    * gtk2-theming-engine-adwaita-32bit-3.22.3-150000.4.5.1
    * gtk3-immodule-thai-32bit-3.24.43-150600.3.7.1
    * gtk2-theming-engine-adwaita-32bit-debuginfo-3.22.3-150000.4.5.1
    * gtk3-immodule-xim-32bit-3.24.43-150600.3.7.1
    * gtk3-immodule-amharic-32bit-3.24.43-150600.3.7.1
    * gtk3-immodule-inuktitut-32bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-multipress-32bit-3.24.43-150600.3.7.1
    * gtk3-immodule-tigrigna-32bit-3.24.43-150600.3.7.1
    * gtk3-immodule-xim-32bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-thai-32bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-multipress-32bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-devel-32bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-vietnamese-32bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-tigrigna-32bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-vietnamese-32bit-3.24.43-150600.3.7.1
* openSUSE Leap 15.6 (aarch64_ilp32)
    * gtk3-immodule-amharic-64bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-vietnamese-64bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-devel-64bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-multipress-64bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-tigrigna-64bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-tigrigna-64bit-3.24.43-150600.3.7.1
    * gtk3-immodule-xim-64bit-3.24.43-150600.3.7.1
    * gtk3-immodule-thai-64bit-3.24.43-150600.3.7.1
    * gtk3-immodule-thai-64bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-vietnamese-64bit-3.24.43-150600.3.7.1
    * gtk3-immodule-xim-64bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-tools-64bit-3.24.43-150600.3.7.1
    * gtk3-tools-64bit-debuginfo-3.24.43-150600.3.7.1
    * libgtk-3-0-64bit-debuginfo-3.24.43-150600.3.7.1
    * libgtk-3-0-64bit-3.24.43-150600.3.7.1
    * gtk3-immodule-inuktitut-64bit-debuginfo-3.24.43-150600.3.7.1
    * gtk3-immodule-amharic-64bit-3.24.43-150600.3.7.1
    * gtk3-devel-64bit-3.24.43-150600.3.7.1
    * gtk3-immodule-multipress-64bit-3.24.43-150600.3.7.1
    * gtk3-immodule-inuktitut-64bit-3.24.43-150600.3.7.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * gtk2-theming-engine-adwaita-3.22.3-150000.4.5.1
    * gnome-themes-standard-debugsource-3.22.3-150000.4.5.1
    * gtk2-theming-engine-adwaita-debuginfo-3.22.3-150000.4.5.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * gtk3-devel-debuginfo-3.24.43-150600.3.7.1
    * libgtk-3-0-3.24.43-150600.3.7.1
    * gtk2-theming-engine-adwaita-debuginfo-3.22.3-150000.4.5.1
    * gtk3-debugsource-3.24.43-150600.3.7.1
    * libgtk-3-0-debuginfo-3.24.43-150600.3.7.1
    * typelib-1_0-Gtk-3_0-3.24.43-150600.3.7.1
    * gtk3-tools-3.24.43-150600.3.7.1
    * gtk3-devel-3.24.43-150600.3.7.1
    * gtk2-theming-engine-adwaita-3.22.3-150000.4.5.1
    * gnome-themes-standard-debugsource-3.22.3-150000.4.5.1
    * gtk3-tools-debuginfo-3.24.43-150600.3.7.1
* Basesystem Module 15-SP6 (noarch)
    * gtk3-lang-3.24.43-150600.3.7.1
    * gtk2-metatheme-adwaita-3.22.3-150000.4.5.1
    * gtk3-data-3.24.43-150600.3.7.1
    * gtk3-branding-SLE-15.0-150600.21.2.1
    * metatheme-adwaita-common-3.22.3-150000.4.5.1
    * gtk3-metatheme-adwaita-3.22.3-150000.4.5.1
    * gtk3-schema-3.24.43-150600.3.7.1
* Desktop Applications Module 15-SP6 (noarch)
    * gnome-themes-accessibility-gtk2-3.22.3-150000.4.5.1
    * gtk3-devel-doc-3.24.43-150600.3.7.1
    * gnome-themes-accessibility-3.22.3-150000.4.5.1
    * gtk3-metatheme-adwaita-3.22.3-150000.4.5.1
* Desktop Applications Module 15-SP6 (x86_64)
    * gtk2-theming-engine-adwaita-32bit-3.22.3-150000.4.5.1
    * gnome-themes-standard-debugsource-3.22.3-150000.4.5.1
    * gtk2-theming-engine-adwaita-32bit-debuginfo-3.22.3-150000.4.5.1

## References:

* https://www.suse.com/security/cve/CVE-2024-6655.html
* https://bugzilla.suse.com/show_bug.cgi?id=1172879
* https://bugzilla.suse.com/show_bug.cgi?id=1228120

From null at suse.de Tue Jan 7 20:30:03 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 07 Jan 2025 20:30:03 -0000
Subject: SUSE-SU-2025:0032-1: low: Security update for file-roller
Message-ID: <173628180364.16706.13895503192375650740@smelt2.prg2.suse.org>

# Security update for file-roller

Announcement ID: SUSE-SU-2025:0032-1
Release Date: 2025-01-07T16:38:45Z
Rating: low
References:

* bsc#1189131

Cross-References:

* CVE-2020-36314

CVSS scores:

* CVE-2020-36314 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
* CVE-2020-36314 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

Affected Products:

* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for file-roller fixes the following issues:

* CVE-2020-36314: Fixed directory traversal via directory symlink pointing outside of the target directory (bsc#1189131)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-32=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * file-roller-debugsource-3.20.3-15.9.1
    * file-roller-3.20.3-15.9.1
    * file-roller-debuginfo-3.20.3-15.9.1
    * nautilus-file-roller-debuginfo-3.20.3-15.9.1
    * nautilus-file-roller-3.20.3-15.9.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * file-roller-lang-3.20.3-15.9.1

## References:

* https://www.suse.com/security/cve/CVE-2020-36314.html
* https://bugzilla.suse.com/show_bug.cgi?id=1189131

From null at suse.de Wed Jan 8 08:30:08 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 08 Jan 2025 08:30:08 -0000
Subject: SUSE-SU-2025:0033-1: important: Security update for tomcat10
Message-ID: <173632500848.16729.3223022366509180711@smelt2.prg2.suse.org>

# Security update for tomcat10

Announcement ID: SUSE-SU-2025:0033-1
Release Date: 2025-01-07T22:47:30Z
Rating: important
References:

* bsc#1233435
* bsc#1234663
* bsc#1234664

Cross-References:

* CVE-2024-50379
* CVE-2024-52317
* CVE-2024-54677

CVSS scores:

* CVE-2024-50379 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-50379 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50379 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-52317 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-52317 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-52317 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-54677 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-54677 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-54677 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* Web and Scripting Module 15-SP6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for tomcat10 fixes the following issues:

Update to Tomcat 10.1.34

* Fixed CVEs:
    * CVE-2024-54677: DoS in examples web application (bsc#1234664)
    * CVE-2024-50379: RCE due to TOCTOU issue in JSP compilation (bsc#1234663)
    * CVE-2024-52317: Request/response mix-up with HTTP/2 (bsc#1233435)
* Catalina
    * Add: Add option to serve resources from subpath only with WebDAV Servlet like with DefaultServlet. (michaelo)
    * Fix: Add special handling for the protocols attribute of SSLHostConfig in storeconfig. (remm)
    * Fix: 69442: Fix case sensitive check on content-type when parsing request parameters. (remm)
    * Code: Refactor duplicate code for extracting media type and subtype from content-type into a single method. (markt)
    * Fix: Compatibility of generated embedded code with components where constructors or property related methods throw a checked exception. (remm)
    * Fix: The previous fix for inconsistent resource metadata during concurrent reads and writes was incomplete. (markt)
    * Fix: #780: Fix content-range header length. Submitted by Chenjp. (remm)
    * Fix: 69444: Ensure that the jakarta.servlet.error.message request attribute is set when an application defined error page is called. (markt)
    * Fix: Avoid quotes for numeric values in the JSON generated by the status servlet. (remm)
    * Add: Add strong ETag support for the WebDAV and default servlet, which can be enabled by using the useStrongETags init parameter with a value set to true. The ETag generated will be a SHA-1 checksum of the resource content. (remm)
    * Fix: Use client locale for directory listings. (remm)
    * Fix: 69439: Improve the handling of multiple Cache-Control headers in the ExpiresFilter. Based on pull request #777 by Chenjp. (markt)
    * Fix: 69447: Update the support for caching classes the web application class loader cannot find to take account of classes loaded from external repositories. Prior to this fix, these classes could be incorrectly marked as not found. (markt)
    * Fix: 69466: Rework handling of HEAD requests. Headers explicitly set by users will not be removed and any header present in a HEAD request will also be present in the equivalent GET request. There may be some headers, as per RFC 9110, section 9.3.2, that are present in a GET request that are not present in the equivalent HEAD request. (markt)
    * Fix: 69471: Log instances of CloseNowException caught by ApplicationDispatcher.invoke() at debug level rather than error level as they are very likely to have been caused by a client disconnection or similar I/O issue. (markt)
    * Add: Add a test case for the fix for 69442. Also refactor references to application/x-www-form-urlencoded. Based on pull request #779 by Chenjp. (markt)
    * Fix: 69476: Catch possible ISE when trying to report PUT failure in the DefaultServlet. (remm)
    * Add: Add support for RateLimit header fields for HTTP (draft) in the RateLimitFilter. Based on pull request #775 provided by Chenjp. (markt)
    * Add: #787: Add regression tests for 69478. Pull request provided by Thomas Krisch. (markt)
    * Fix: The default servlet now rejects HTTP range requests when two or more of the requested ranges overlap. Based on pull request #782 provided by Chenjp. (markt)
    * Fix: Enhance Content-Range verification for partial PUT requests handled by the default servlet. Provided by Chenjp in pull request #778. (markt)
    * Fix: Harmonize DataSourceStore lookup in the global resources to optionally avoid the comp/env prefix which is usually not used there. (remm)
    * Fix: As required by RFC 9110, the HTTP Range header will now only be processed for GET requests. Based on pull request #790 provided by Chenjp. (markt)
    * Fix: Deprecate the useAcceptRanges initialisation parameter for the default servlet. It will be removed in Tomcat 12 onwards where it will effectively be hard coded to true. (markt)
    * Add: Add DataSource based property storage for the WebdavServlet. (remm)
* Coyote
    * Fix: Align encodedSolidusHandling with the Servlet specification. If the pass-through mode is used, any %25 sequences will now also be passed through to avoid errors and/or corruption when the application decodes the path. (markt)
* Jasper
    * Fix: Follow-up to the fix for 69381. Apply the optimisation for method lookup performance in expression language to an additional location. (markt)
* Web applications
    * Fix: Documentation. Remove references to the ResourceParams element. Support for ResourceParams was removed in Tomcat 5.5.x. (markt)
    * Fix: Documentation. 69477: Correct name of attribute for RemoteIPFilter. The attribute is internalProxies rather than allowedInternalProxies. Pull request #786 (markt)
    * Fix: Examples. Fix broken links when Servlet Request Info example is called via a URL that includes a pathInfo component. (markt)
    * Fix: Examples. Expand the obfuscation of session cookie values in the request header example to JSON responses. (markt)
    * Add: Examples. Add the ability to delete session attributes in the servlet session example. (markt)
    * Add: Examples. Add a hard coded limit of 10 attributes per session for the servlet session example. (markt)
    * Add: Examples. Add the ability to delete session attributes and add a hard coded limit of 10 attributes per session for the JSP form authentication example. (markt)
    * Add: Examples. Limit the shopping cart example to only allow adding the pre-defined items to the cart. (markt)
    * Fix: Examples. Remove JSP calendar example. (markt)
* Other
    * Fix: 69465: Fix warnings during native image compilation using the Tomcat embedded JARs. (markt)
    * Update: Update Tomcat's fork of Commons DBCP to 2.13.0. (markt)
    * Update: Update EasyMock to 5.5.0. (markt)
    * Update: Update Checkstyle to 10.20.2. (markt)
    * Update: Update BND to 7.1.0. (markt)
    * Add: Improvements to French translations. (remm)
    * Add: Improvements to Korean translations. (markt)
    * Add: Improvements to Chinese translations. (markt)
    * Add: Improvements to Japanese translations by tak7iji. (markt)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-33=1
* Web and Scripting Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-33=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-33=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-33=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-33=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-33=1

## Package List:

* openSUSE Leap 15.6 (noarch)
    * tomcat10-el-5_0-api-10.1.34-150200.5.31.1
    * tomcat10-jsp-3_1-api-10.1.34-150200.5.31.1
    * tomcat10-webapps-10.1.34-150200.5.31.1
    * tomcat10-doc-10.1.34-150200.5.31.1
    * tomcat10-admin-webapps-10.1.34-150200.5.31.1
    * tomcat10-docs-webapp-10.1.34-150200.5.31.1
    * tomcat10-10.1.34-150200.5.31.1
    * tomcat10-embed-10.1.34-150200.5.31.1
    * tomcat10-lib-10.1.34-150200.5.31.1
    * tomcat10-jsvc-10.1.34-150200.5.31.1
    * tomcat10-servlet-6_0-api-10.1.34-150200.5.31.1
* Web and Scripting Module 15-SP6 (noarch)
    * tomcat10-el-5_0-api-10.1.34-150200.5.31.1
    * tomcat10-jsp-3_1-api-10.1.34-150200.5.31.1
    * tomcat10-webapps-10.1.34-150200.5.31.1
    * tomcat10-admin-webapps-10.1.34-150200.5.31.1
    * tomcat10-10.1.34-150200.5.31.1
    * tomcat10-lib-10.1.34-150200.5.31.1
    * tomcat10-servlet-6_0-api-10.1.34-150200.5.31.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * tomcat10-el-5_0-api-10.1.34-150200.5.31.1
    * tomcat10-jsp-3_1-api-10.1.34-150200.5.31.1
    * tomcat10-webapps-10.1.34-150200.5.31.1
    * tomcat10-admin-webapps-10.1.34-150200.5.31.1
    * tomcat10-10.1.34-150200.5.31.1
    * tomcat10-lib-10.1.34-150200.5.31.1
    * tomcat10-servlet-6_0-api-10.1.34-150200.5.31.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * tomcat10-el-5_0-api-10.1.34-150200.5.31.1
    * tomcat10-jsp-3_1-api-10.1.34-150200.5.31.1
    * tomcat10-webapps-10.1.34-150200.5.31.1
    * tomcat10-admin-webapps-10.1.34-150200.5.31.1
    * tomcat10-10.1.34-150200.5.31.1
    * tomcat10-lib-10.1.34-150200.5.31.1
    * tomcat10-servlet-6_0-api-10.1.34-150200.5.31.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * tomcat10-el-5_0-api-10.1.34-150200.5.31.1
    * tomcat10-jsp-3_1-api-10.1.34-150200.5.31.1
    * tomcat10-webapps-10.1.34-150200.5.31.1
    * tomcat10-admin-webapps-10.1.34-150200.5.31.1
    * tomcat10-10.1.34-150200.5.31.1
    * tomcat10-lib-10.1.34-150200.5.31.1
    * tomcat10-servlet-6_0-api-10.1.34-150200.5.31.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * tomcat10-el-5_0-api-10.1.34-150200.5.31.1
    * tomcat10-jsp-3_1-api-10.1.34-150200.5.31.1
    * tomcat10-webapps-10.1.34-150200.5.31.1
    * tomcat10-admin-webapps-10.1.34-150200.5.31.1
    * tomcat10-10.1.34-150200.5.31.1
    * tomcat10-lib-10.1.34-150200.5.31.1
    * tomcat10-servlet-6_0-api-10.1.34-150200.5.31.1

## References:
* https://www.suse.com/security/cve/CVE-2024-50379.html * https://www.suse.com/security/cve/CVE-2024-52317.html * https://www.suse.com/security/cve/CVE-2024-54677.html * https://bugzilla.suse.com/show_bug.cgi?id=1233435 * https://bugzilla.suse.com/show_bug.cgi?id=1234663 * https://bugzilla.suse.com/show_bug.cgi?id=1234664
From null at suse.de Wed Jan 8 12:35:41 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 08 Jan 2025 12:35:41 -0000 Subject: SUSE-SU-2025:0035-1: important: Security update for the Linux Kernel Message-ID: <173633974189.16706.5150264404327038558@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0035-1 Release Date: Rating: important References: * bsc#1082555 * bsc#1157160 * bsc#1218644 * bsc#1221977 * bsc#1222364 * bsc#1222413 * bsc#1223044 * bsc#1223057 * bsc#1223769 * bsc#1224526 * bsc#1225730 * bsc#1225742 * bsc#1225764 * bsc#1228015 * bsc#1228650 * bsc#1228708 * bsc#1228779 * bsc#1230231 * bsc#1230429 * bsc#1230766 * bsc#1230773 * bsc#1230784 * bsc#1230827 * bsc#1231184 * bsc#1231439 * bsc#1231904 * bsc#1231920 * bsc#1231930 * bsc#1232157 * bsc#1232159 * bsc#1232165 * bsc#1232198 * bsc#1232201 * bsc#1232224 * bsc#1232251 * bsc#1232272 * bsc#1232329 * bsc#1232371 * bsc#1232436 * bsc#1232507 * bsc#1232520 * bsc#1232552 * bsc#1232873 * bsc#1232887 * bsc#1232888 * bsc#1232897 * bsc#1232919 * bsc#1232928 * bsc#1233049 * bsc#1233051 * bsc#1233057 * bsc#1233063 * bsc#1233070 * bsc#1233097 * bsc#1233103 * bsc#1233108 * bsc#1233111 * bsc#1233123 * bsc#1233130 * bsc#1233191 * bsc#1233211 * bsc#1233212 * bsc#1233216 * bsc#1233453 * bsc#1233454 * bsc#1233456 * bsc#1233462 * bsc#1233467 * bsc#1233468 * bsc#1233478 * bsc#1233479 * bsc#1233485 * bsc#1233490 * bsc#1233491 * bsc#1233552 * bsc#1233555 * bsc#1233557 * bsc#1233560 * bsc#1233577 * bsc#1233580 * bsc#1234025 * bsc#1234072 * bsc#1234087 Cross-References: * 
CVE-2021-47162 * CVE-2022-48853 * CVE-2024-26801 * CVE-2024-26852 * CVE-2024-26886 * CVE-2024-27051 * CVE-2024-35937 * CVE-2024-36886 * CVE-2024-36905 * CVE-2024-36954 * CVE-2024-42098 * CVE-2024-42131 * CVE-2024-42229 * CVE-2024-44995 * CVE-2024-45016 * CVE-2024-46771 * CVE-2024-46777 * CVE-2024-46800 * CVE-2024-47660 * CVE-2024-47679 * CVE-2024-47701 * CVE-2024-49858 * CVE-2024-49868 * CVE-2024-49884 * CVE-2024-49921 * CVE-2024-49925 * CVE-2024-49938 * CVE-2024-49945 * CVE-2024-49950 * CVE-2024-49952 * CVE-2024-50044 * CVE-2024-50055 * CVE-2024-50073 * CVE-2024-50074 * CVE-2024-50095 * CVE-2024-50099 * CVE-2024-50115 * CVE-2024-50117 * CVE-2024-50125 * CVE-2024-50135 * CVE-2024-50148 * CVE-2024-50150 * CVE-2024-50154 * CVE-2024-50167 * CVE-2024-50171 * CVE-2024-50179 * CVE-2024-50183 * CVE-2024-50187 * CVE-2024-50194 * CVE-2024-50195 * CVE-2024-50210 * CVE-2024-50218 * CVE-2024-50234 * CVE-2024-50236 * CVE-2024-50237 * CVE-2024-50264 * CVE-2024-50265 * CVE-2024-50267 * CVE-2024-50273 * CVE-2024-50278 * CVE-2024-50279 * CVE-2024-50289 * CVE-2024-50290 * CVE-2024-50296 * CVE-2024-50301 * CVE-2024-50302 * CVE-2024-53058 * CVE-2024-53061 * CVE-2024-53063 * CVE-2024-53066 * CVE-2024-53085 * CVE-2024-53088 * CVE-2024-53104 * CVE-2024-53114 * CVE-2024-53142 CVSS scores: * CVE-2021-47162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26801 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26801 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26886 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27051 ( SUSE ): 6.6 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-27051 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35937 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-36886 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36886 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36905 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36954 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42131 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42229 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42229 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44995 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45016 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46771 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46777 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46800 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46800 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46800 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47660 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47660 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47660 ( NVD ): 
4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47679 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47679 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47679 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47701 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47701 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-47701 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49858 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49858 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-49858 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49868 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49868 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49868 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49921 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49921 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49925 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49925 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49925 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49938 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-49945 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49952 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49952 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50044 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50044 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50055 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50073 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50073 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-50073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50095 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50117 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50117 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50117 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50125 ( SUSE ): 7.5 
CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50125 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50125 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50125 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50135 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50135 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50135 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50148 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50148 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50148 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50150 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50150 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50150 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50167 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50171 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-50171 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-50171 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50179 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50179 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50179 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-50183 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50183 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50183 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50187 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50187 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50194 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50195 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50195 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50210 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50218 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50234 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50234 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50234 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50236 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-50236 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50237 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50265 
( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50265 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50267 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50267 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50267 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50273 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50273 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50278 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2024-50278 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50279 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50279 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-50290 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50296 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50296 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50301 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50301 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50302 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53058 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53058 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53061 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53061 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53063 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-53063 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53066 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53066 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53088 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-53088 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53114 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53142 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 75 vulnerabilities and has eight security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-48853: swiotlb: fix info leak with DMA_FROM_DEVICE (bsc#1228015). * CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hci_error_reset (bsc#1222413). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057). * CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044). * CVE-2024-27051: cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (bsc#1223769). * CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully (bsc#1224526). * CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742). 
* CVE-2024-42098: crypto: ecdh - explicitly zeroize private_key (bsc#1228779). * CVE-2024-42229: crypto: aead,cipher - zeroize key buffer after use (bsc#1228708). * CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231). * CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429). * CVE-2024-46771: can: bcm: Remove proc entry when dev is unregistered (bsc#1230766). * CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773). * CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827). * CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439). * CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode()&iput() (bsc#1231930). * CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920). * CVE-2024-49858: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (bsc#1232251). * CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new transaction (bsc#1232272). * CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371). * CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224). * CVE-2024-49938: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (bsc#1232552). * CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165). * CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159). * CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157). * CVE-2024-50044: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (bsc#1231904). * CVE-2024-50055: driver core: bus: Fix double free in driver API bus_register() (bsc#1232329). * CVE-2024-50073: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (bsc#1232520). * CVE-2024-50074: parport: Proper fix for array out-of-bounds access (bsc#1232507). 
* CVE-2024-50095: RDMA/mad: Improve handling of timed out WRs of mad agent (bsc#1232873). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919). * CVE-2024-50117: drm/amd: Guard against bad data for ATIF ACPI method (bsc#1232897). * CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928). * CVE-2024-50135: nvme-pci: fix race condition between reset and nvme_dev_disable() (bsc#1232888). * CVE-2024-50148: Bluetooth: bnep: fix wild-memory-access in proto_unregister (bsc#1233063). * CVE-2024-50150: usb: typec: altmode should keep reference to parent (bsc#1233051). * CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070). * CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049). * CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057). * CVE-2024-50183: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1233130). * CVE-2024-50187: drm/vc4: Stop the active perfmon before being destroyed (bsc#1233108). * CVE-2024-50195: posix-clock: Fix missing timespec64 check in pc_clock_settime() (bsc#1233103). * CVE-2024-50218: ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (bsc#1233191). * CVE-2024-50234: wifi: iwlegacy: Clear stale interrupts before resuming device (bsc#1233211). * CVE-2024-50236: wifi: ath10k: Fix memory leak in management tx (bsc#1233212). * CVE-2024-50237: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (bsc#1233216). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453). * CVE-2024-50265: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (bsc#1233454). * CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456). * CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462). 
* CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467). * CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468). * CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478). * CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479). * CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485). * CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233490). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491). * CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552). * CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555). * CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557). * CVE-2024-53066: nfs: Fix KMSAN warning in decode_getfattr_attrs() (bsc#1233560). * CVE-2024-53085: tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 bsc#1233577). * CVE-2024-53088: i40e: fix race condition by adding filter's intermediate sync state (bsc#1233580). * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025). * CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072). The following non-security bugs were fixed: * drm/vc4: Warn if some v3d code is run on BCM2711 (bsc#1233108). * initramfs: avoid filename buffer overrun (bsc#1232436). * kernel-binary: Enable livepatch package only when livepatch is enabled (bsc#1218644). * lpfc: size cpu map by last cpu id set (bsc#1157160). * net: relax socket state check at accept time (git-fixes). * ocfs2: uncache inode which has failed entering the group (bsc#1234087). ## Special Instructions and Notes: * Please reboot the system after installing this update. 
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-35=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-35=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-debuginfo-4.12.14-122.237.1 * dlm-kmp-default-4.12.14-122.237.1 * kernel-default-debugsource-4.12.14-122.237.1 * cluster-md-kmp-default-4.12.14-122.237.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.237.1 * dlm-kmp-default-debuginfo-4.12.14-122.237.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.237.1 * kernel-default-devel-4.12.14-122.237.1 * kernel-syms-4.12.14-122.237.1 * ocfs2-kmp-default-4.12.14-122.237.1 * kernel-default-base-4.12.14-122.237.1 * kernel-default-base-debuginfo-4.12.14-122.237.1 * gfs2-kmp-default-4.12.14-122.237.1 * kernel-default-debuginfo-4.12.14-122.237.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.237.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * kernel-source-4.12.14-122.237.1 * kernel-devel-4.12.14-122.237.1 * kernel-macros-4.12.14-122.237.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x) * kernel-default-man-4.12.14-122.237.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.237.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * gfs2-kmp-default-debuginfo-4.12.14-122.237.1 * dlm-kmp-default-4.12.14-122.237.1 * kernel-default-debugsource-4.12.14-122.237.1 * cluster-md-kmp-default-4.12.14-122.237.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.237.1 * dlm-kmp-default-debuginfo-4.12.14-122.237.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.237.1 * 
kernel-default-devel-4.12.14-122.237.1 * kernel-syms-4.12.14-122.237.1 * kernel-default-devel-debuginfo-4.12.14-122.237.1 * ocfs2-kmp-default-4.12.14-122.237.1 * kernel-default-base-4.12.14-122.237.1 * kernel-default-base-debuginfo-4.12.14-122.237.1 * gfs2-kmp-default-4.12.14-122.237.1 * kernel-default-debuginfo-4.12.14-122.237.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64) * kernel-default-4.12.14-122.237.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * kernel-source-4.12.14-122.237.1 * kernel-devel-4.12.14-122.237.1 * kernel-macros-4.12.14-122.237.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47162.html * https://www.suse.com/security/cve/CVE-2022-48853.html * https://www.suse.com/security/cve/CVE-2024-26801.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26886.html * https://www.suse.com/security/cve/CVE-2024-27051.html * https://www.suse.com/security/cve/CVE-2024-35937.html * https://www.suse.com/security/cve/CVE-2024-36886.html * https://www.suse.com/security/cve/CVE-2024-36905.html * https://www.suse.com/security/cve/CVE-2024-36954.html * https://www.suse.com/security/cve/CVE-2024-42098.html * https://www.suse.com/security/cve/CVE-2024-42131.html * https://www.suse.com/security/cve/CVE-2024-42229.html * https://www.suse.com/security/cve/CVE-2024-44995.html * https://www.suse.com/security/cve/CVE-2024-45016.html * https://www.suse.com/security/cve/CVE-2024-46771.html * https://www.suse.com/security/cve/CVE-2024-46777.html * https://www.suse.com/security/cve/CVE-2024-46800.html * https://www.suse.com/security/cve/CVE-2024-47660.html * https://www.suse.com/security/cve/CVE-2024-47679.html * https://www.suse.com/security/cve/CVE-2024-47701.html * https://www.suse.com/security/cve/CVE-2024-49858.html * https://www.suse.com/security/cve/CVE-2024-49868.html * https://www.suse.com/security/cve/CVE-2024-49884.html * 
https://www.suse.com/security/cve/CVE-2024-49921.html * https://www.suse.com/security/cve/CVE-2024-49925.html * https://www.suse.com/security/cve/CVE-2024-49938.html * https://www.suse.com/security/cve/CVE-2024-49945.html * https://www.suse.com/security/cve/CVE-2024-49950.html * https://www.suse.com/security/cve/CVE-2024-49952.html * https://www.suse.com/security/cve/CVE-2024-50044.html * https://www.suse.com/security/cve/CVE-2024-50055.html * https://www.suse.com/security/cve/CVE-2024-50073.html * https://www.suse.com/security/cve/CVE-2024-50074.html * https://www.suse.com/security/cve/CVE-2024-50095.html * https://www.suse.com/security/cve/CVE-2024-50099.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-50117.html * https://www.suse.com/security/cve/CVE-2024-50125.html * https://www.suse.com/security/cve/CVE-2024-50135.html * https://www.suse.com/security/cve/CVE-2024-50148.html * https://www.suse.com/security/cve/CVE-2024-50150.html * https://www.suse.com/security/cve/CVE-2024-50154.html * https://www.suse.com/security/cve/CVE-2024-50167.html * https://www.suse.com/security/cve/CVE-2024-50171.html * https://www.suse.com/security/cve/CVE-2024-50179.html * https://www.suse.com/security/cve/CVE-2024-50183.html * https://www.suse.com/security/cve/CVE-2024-50187.html * https://www.suse.com/security/cve/CVE-2024-50194.html * https://www.suse.com/security/cve/CVE-2024-50195.html * https://www.suse.com/security/cve/CVE-2024-50210.html * https://www.suse.com/security/cve/CVE-2024-50218.html * https://www.suse.com/security/cve/CVE-2024-50234.html * https://www.suse.com/security/cve/CVE-2024-50236.html * https://www.suse.com/security/cve/CVE-2024-50237.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://www.suse.com/security/cve/CVE-2024-50265.html * https://www.suse.com/security/cve/CVE-2024-50267.html * https://www.suse.com/security/cve/CVE-2024-50273.html * 
https://www.suse.com/security/cve/CVE-2024-50278.html * https://www.suse.com/security/cve/CVE-2024-50279.html * https://www.suse.com/security/cve/CVE-2024-50289.html * https://www.suse.com/security/cve/CVE-2024-50290.html * https://www.suse.com/security/cve/CVE-2024-50296.html * https://www.suse.com/security/cve/CVE-2024-50301.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-53058.html * https://www.suse.com/security/cve/CVE-2024-53061.html * https://www.suse.com/security/cve/CVE-2024-53063.html * https://www.suse.com/security/cve/CVE-2024-53066.html * https://www.suse.com/security/cve/CVE-2024-53085.html * https://www.suse.com/security/cve/CVE-2024-53088.html * https://www.suse.com/security/cve/CVE-2024-53104.html * https://www.suse.com/security/cve/CVE-2024-53114.html * https://www.suse.com/security/cve/CVE-2024-53142.html * https://bugzilla.suse.com/show_bug.cgi?id=1082555 * https://bugzilla.suse.com/show_bug.cgi?id=1157160 * https://bugzilla.suse.com/show_bug.cgi?id=1218644 * https://bugzilla.suse.com/show_bug.cgi?id=1221977 * https://bugzilla.suse.com/show_bug.cgi?id=1222364 * https://bugzilla.suse.com/show_bug.cgi?id=1222413 * https://bugzilla.suse.com/show_bug.cgi?id=1223044 * https://bugzilla.suse.com/show_bug.cgi?id=1223057 * https://bugzilla.suse.com/show_bug.cgi?id=1223769 * https://bugzilla.suse.com/show_bug.cgi?id=1224526 * https://bugzilla.suse.com/show_bug.cgi?id=1225730 * https://bugzilla.suse.com/show_bug.cgi?id=1225742 * https://bugzilla.suse.com/show_bug.cgi?id=1225764 * https://bugzilla.suse.com/show_bug.cgi?id=1228015 * https://bugzilla.suse.com/show_bug.cgi?id=1228650 * https://bugzilla.suse.com/show_bug.cgi?id=1228708 * https://bugzilla.suse.com/show_bug.cgi?id=1228779 * https://bugzilla.suse.com/show_bug.cgi?id=1230231 * https://bugzilla.suse.com/show_bug.cgi?id=1230429 * https://bugzilla.suse.com/show_bug.cgi?id=1230766 * https://bugzilla.suse.com/show_bug.cgi?id=1230773 * 
https://bugzilla.suse.com/show_bug.cgi?id=1230784 * https://bugzilla.suse.com/show_bug.cgi?id=1230827 * https://bugzilla.suse.com/show_bug.cgi?id=1231184 * https://bugzilla.suse.com/show_bug.cgi?id=1231439 * https://bugzilla.suse.com/show_bug.cgi?id=1231904 * https://bugzilla.suse.com/show_bug.cgi?id=1231920 * https://bugzilla.suse.com/show_bug.cgi?id=1231930 * https://bugzilla.suse.com/show_bug.cgi?id=1232157 * https://bugzilla.suse.com/show_bug.cgi?id=1232159 * https://bugzilla.suse.com/show_bug.cgi?id=1232165 * https://bugzilla.suse.com/show_bug.cgi?id=1232198 * https://bugzilla.suse.com/show_bug.cgi?id=1232201 * https://bugzilla.suse.com/show_bug.cgi?id=1232224 * https://bugzilla.suse.com/show_bug.cgi?id=1232251 * https://bugzilla.suse.com/show_bug.cgi?id=1232272 * https://bugzilla.suse.com/show_bug.cgi?id=1232329 * https://bugzilla.suse.com/show_bug.cgi?id=1232371 * https://bugzilla.suse.com/show_bug.cgi?id=1232436 * https://bugzilla.suse.com/show_bug.cgi?id=1232507 * https://bugzilla.suse.com/show_bug.cgi?id=1232520 * https://bugzilla.suse.com/show_bug.cgi?id=1232552 * https://bugzilla.suse.com/show_bug.cgi?id=1232873 * https://bugzilla.suse.com/show_bug.cgi?id=1232887 * https://bugzilla.suse.com/show_bug.cgi?id=1232888 * https://bugzilla.suse.com/show_bug.cgi?id=1232897 * https://bugzilla.suse.com/show_bug.cgi?id=1232919 * https://bugzilla.suse.com/show_bug.cgi?id=1232928 * https://bugzilla.suse.com/show_bug.cgi?id=1233049 * https://bugzilla.suse.com/show_bug.cgi?id=1233051 * https://bugzilla.suse.com/show_bug.cgi?id=1233057 * https://bugzilla.suse.com/show_bug.cgi?id=1233063 * https://bugzilla.suse.com/show_bug.cgi?id=1233070 * https://bugzilla.suse.com/show_bug.cgi?id=1233097 * https://bugzilla.suse.com/show_bug.cgi?id=1233103 * https://bugzilla.suse.com/show_bug.cgi?id=1233108 * https://bugzilla.suse.com/show_bug.cgi?id=1233111 * https://bugzilla.suse.com/show_bug.cgi?id=1233123 * https://bugzilla.suse.com/show_bug.cgi?id=1233130 * 
https://bugzilla.suse.com/show_bug.cgi?id=1233191 * https://bugzilla.suse.com/show_bug.cgi?id=1233211 * https://bugzilla.suse.com/show_bug.cgi?id=1233212 * https://bugzilla.suse.com/show_bug.cgi?id=1233216 * https://bugzilla.suse.com/show_bug.cgi?id=1233453 * https://bugzilla.suse.com/show_bug.cgi?id=1233454 * https://bugzilla.suse.com/show_bug.cgi?id=1233456 * https://bugzilla.suse.com/show_bug.cgi?id=1233462 * https://bugzilla.suse.com/show_bug.cgi?id=1233467 * https://bugzilla.suse.com/show_bug.cgi?id=1233468 * https://bugzilla.suse.com/show_bug.cgi?id=1233478 * https://bugzilla.suse.com/show_bug.cgi?id=1233479 * https://bugzilla.suse.com/show_bug.cgi?id=1233485 * https://bugzilla.suse.com/show_bug.cgi?id=1233490 * https://bugzilla.suse.com/show_bug.cgi?id=1233491 * https://bugzilla.suse.com/show_bug.cgi?id=1233552 * https://bugzilla.suse.com/show_bug.cgi?id=1233555 * https://bugzilla.suse.com/show_bug.cgi?id=1233557 * https://bugzilla.suse.com/show_bug.cgi?id=1233560 * https://bugzilla.suse.com/show_bug.cgi?id=1233577 * https://bugzilla.suse.com/show_bug.cgi?id=1233580 * https://bugzilla.suse.com/show_bug.cgi?id=1234025 * https://bugzilla.suse.com/show_bug.cgi?id=1234072 * https://bugzilla.suse.com/show_bug.cgi?id=1234087

From null at suse.de Wed Jan 8 12:37:24 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 08 Jan 2025 12:37:24 -0000
Subject: SUSE-SU-2025:0034-1: important: Security update for the Linux Kernel
Message-ID: <173633984480.16706.17785378585667827352@smelt2.prg2.suse.org>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0034-1
Release Date: 2025-01-08T09:47:32Z
Rating: important
References: * bsc#1082555 * bsc#1176081 * bsc#1206344 * bsc#1213034 * bsc#1218562 * bsc#1219125 * bsc#1220439 * bsc#1221980 * bsc#1222629 * bsc#1223384 * bsc#1223824 * bsc#1225189 * bsc#1225336 * bsc#1225611 * bsc#1226585 * bsc#1226606 * bsc#1227437 * bsc#1227885 * bsc#1227941 * bsc#1227947 * bsc#1227952 * bsc#1228000 * bsc#1228410 * bsc#1228564 * bsc#1228620 * bsc#1228743 * bsc#1229005 * bsc#1229042 * bsc#1229154 * bsc#1229568 * bsc#1229769 * bsc#1229837 * bsc#1230179 * bsc#1230405 * bsc#1230725 * bsc#1230802 * bsc#1231072 * bsc#1231094 * bsc#1231096 * bsc#1231105 * bsc#1231111 * bsc#1231115 * bsc#1231148 * bsc#1231191 * bsc#1231197 * bsc#1231203 * bsc#1231293 * bsc#1231375 * bsc#1231537 * bsc#1231539 * bsc#1231540 * bsc#1231673 * bsc#1231858 * bsc#1231859 * bsc#1231861 * bsc#1231864 * bsc#1231888 * bsc#1231889 * bsc#1231890 * bsc#1231893 * bsc#1231897 * bsc#1231903 * bsc#1231914 * bsc#1231929 * bsc#1231935 * bsc#1231938 * bsc#1231939 * bsc#1231942 * bsc#1231954 * bsc#1231958 * bsc#1231979 * bsc#1231987 * bsc#1231988 * bsc#1231995 * bsc#1231996 * bsc#1231997 * bsc#1231998 * bsc#1232006 * bsc#1232007 * bsc#1232016 * bsc#1232025 * bsc#1232026 * bsc#1232035 * bsc#1232037 * bsc#1232038 * bsc#1232039 * bsc#1232047 * bsc#1232056 * bsc#1232069 * bsc#1232070 * bsc#1232071 * bsc#1232089 * bsc#1232097 * bsc#1232111 * bsc#1232123 * bsc#1232126 * bsc#1232133 * bsc#1232134 * bsc#1232135 * bsc#1232140 * bsc#1232141 * bsc#1232142 * bsc#1232149 * bsc#1232151 * bsc#1232152 * bsc#1232160 * bsc#1232172 * bsc#1232175 * bsc#1232180 * bsc#1232191 * bsc#1232199 * bsc#1232200 * 
bsc#1232201 * bsc#1232217 * bsc#1232218 * bsc#1232221 * bsc#1232236 * bsc#1232253 * bsc#1232282 * bsc#1232285 * bsc#1232286 * bsc#1232304 * bsc#1232305 * bsc#1232313 * bsc#1232314 * bsc#1232339 * bsc#1232354 * bsc#1232392 * bsc#1232394 * bsc#1232418 * bsc#1232424 * bsc#1232432 * bsc#1232442 Cross-References: * CVE-2021-46936 * CVE-2021-47163 * CVE-2021-47416 * CVE-2021-47612 * CVE-2022-48788 * CVE-2022-48789 * CVE-2022-48790 * CVE-2022-48809 * CVE-2022-48946 * CVE-2022-48949 * CVE-2022-48951 * CVE-2022-48956 * CVE-2022-48958 * CVE-2022-48960 * CVE-2022-48962 * CVE-2022-48966 * CVE-2022-48967 * CVE-2022-48969 * CVE-2022-48971 * CVE-2022-48972 * CVE-2022-48973 * CVE-2022-48978 * CVE-2022-48985 * CVE-2022-48988 * CVE-2022-48991 * CVE-2022-48992 * CVE-2022-48997 * CVE-2022-49000 * CVE-2022-49002 * CVE-2022-49010 * CVE-2022-49011 * CVE-2022-49014 * CVE-2022-49015 * CVE-2022-49020 * CVE-2022-49021 * CVE-2022-49026 * CVE-2022-49027 * CVE-2022-49028 * CVE-2022-49029 * CVE-2023-46343 * CVE-2023-52881 * CVE-2023-52898 * CVE-2023-52918 * CVE-2023-52919 * CVE-2023-6270 * CVE-2024-26804 * CVE-2024-27043 * CVE-2024-38538 * CVE-2024-39476 * CVE-2024-40965 * CVE-2024-41016 * CVE-2024-41082 * CVE-2024-42114 * CVE-2024-42145 * CVE-2024-42253 * CVE-2024-44931 * CVE-2024-44958 * CVE-2024-46724 * CVE-2024-46755 * CVE-2024-46802 * CVE-2024-46809 * CVE-2024-46813 * CVE-2024-46816 * CVE-2024-46818 * CVE-2024-46826 * CVE-2024-46834 * CVE-2024-46840 * CVE-2024-46841 * CVE-2024-46848 * CVE-2024-47670 * CVE-2024-47672 * CVE-2024-47673 * CVE-2024-47674 * CVE-2024-47684 * CVE-2024-47685 * CVE-2024-47696 * CVE-2024-47697 * CVE-2024-47698 * CVE-2024-47706 * CVE-2024-47707 * CVE-2024-47713 * CVE-2024-47735 * CVE-2024-47737 * CVE-2024-47742 * CVE-2024-47745 * CVE-2024-47749 * CVE-2024-49851 * CVE-2024-49860 * CVE-2024-49877 * CVE-2024-49881 * CVE-2024-49882 * CVE-2024-49883 * CVE-2024-49890 * CVE-2024-49891 * CVE-2024-49894 * CVE-2024-49896 * CVE-2024-49901 * CVE-2024-49920 * CVE-2024-49929 * 
CVE-2024-49936 * CVE-2024-49949 * CVE-2024-49957 * CVE-2024-49958 * CVE-2024-49959 * CVE-2024-49962 * CVE-2024-49965 * CVE-2024-49966 * CVE-2024-49967 * CVE-2024-49982 * CVE-2024-49991 * CVE-2024-49995 * CVE-2024-49996 * CVE-2024-50006 * CVE-2024-50007 * CVE-2024-50024 * CVE-2024-50033 * CVE-2024-50035 * CVE-2024-50045 * CVE-2024-50047 * CVE-2024-50058 CVSS scores: * CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47416 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47612 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48788 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48788 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48789 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48789 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48790 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48790 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48946 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48949 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48949 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48949 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * 
CVE-2022-48951 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48951 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48960 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48960 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48962 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48962 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2022-48962 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48966 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48966 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48966 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48967 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48967 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-48967 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-48969 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48969 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48971 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48971 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48972 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48972 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48973 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48973 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2022-48973 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48978 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48978 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2022-48978 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48985 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48988 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48988 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48988 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48991 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48992 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48992 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48997 ( SUSE ): 1.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48997 ( SUSE ): 2.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2022-48997 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49000 ( SUSE ): 4.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49000 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49000 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49002 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49002 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49010 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49011 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49014 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49014 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49015 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49015 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49020 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49020 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49020 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49026 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49027 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49027 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-49028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49028 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49029 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49029 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46343 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52898 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52898 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52898 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52918 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26804 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26804 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27043 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38538 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-38538 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-39476 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39476 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40965 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40965 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41016 ( SUSE ): 
5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42145 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42253 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42253 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-42253 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-44931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46724 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-46724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-46724 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-46755 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46755 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46755 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46802 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46802 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46809 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * 
CVE-2024-46809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46813 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46813 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46813 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46816 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46816 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46816 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46826 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46826 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46834 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46840 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46841 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46848 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47670 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47670 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47672 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47672 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47673 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47673 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47674 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47674 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47674 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47684 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47685 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-47685 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-47685 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47696 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47696 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47696 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47697 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-47697 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-47697 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47698 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-47698 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-47698 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47706 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47706 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47706 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47707 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47713 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47713 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47735 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47737 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47737 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47737 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47742 ( SUSE ): 8.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-47742 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2024-47742 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47745 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47745 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47745 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47749 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47749 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47749 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49851 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49860 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49860 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49860 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * 
CVE-2024-49877 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49877 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49877 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49881 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49882 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49890 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49891 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49891 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49894 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49894 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-49894 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49896 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49896 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49901 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49920 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49929 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49936 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49936 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49949 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49949 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49957 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49957 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49959 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49962 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49962 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49962 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49965 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49966 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49966 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49967 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49982 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49995 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49995 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-49995 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49996 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49996 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50006 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50006 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50006 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50007 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50007 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50007 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50024 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50033 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50035 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50035 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50035 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50045 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50047 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50058 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50058 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 120 vulnerabilities and has 13 security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.

The Linux Enterprise 12 SP5 kernel turned LTSS (Extended Security)

The following security bugs were fixed:

* CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
* CVE-2021-47163: kABI fix for tipc: wait and exit until all work queues are done (bsc#1221980).
* CVE-2021-47612: nfc: fix segfault in nfc_genl_dump_devices_done (bsc#1226585).
* CVE-2022-48809: net: fix a memleak when uncloning an skb dst and its metadata (bsc#1227947).
* CVE-2022-48951: ASoC: ops: Correct bounds check for second channel on SX controls (bsc#1231929).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893).
* CVE-2022-48958: ethernet: aeroflex: fix potential skb leak in greth_init_rings() (bsc#1231889).
* CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979).
* CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (bsc#1232286).
* CVE-2022-48966: net: mvneta: Fix an out of bounds check (bsc#1232191).
* CVE-2022-48967: NFC: nci: Bounds check struct nfc_target arrays (bsc#1232304).
* CVE-2022-48971: Bluetooth: Fix not cleanup led when bt_init fails (bsc#1232037).
* CVE-2022-48972: mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() (bsc#1232025).
* CVE-2022-48973: gpio: amd8111: Fix PCI device reference count leak (bsc#1232039).
* CVE-2022-48978: HID: core: fix shift-out-of-bounds in hid_report_raw_event (bsc#1232038).
* CVE-2022-48991: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths (bsc#1232070).
* CVE-2022-48992: ASoC: soc-pcm: Add NULL check in BE reparenting (bsc#1232071).
* CVE-2022-49000: iommu/vt-d: Fix PCI device refcount leak in has_external_pci() (bsc#1232123).
* CVE-2022-49002: iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() (bsc#1232133).
* CVE-2022-49010: hwmon: (coretemp) Check for null before removing sysfs attrs (bsc#1232172).
* CVE-2022-49011: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() (bsc#1232006).
* CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1231890).
* CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938).
* CVE-2022-49020: net/9p: Fix a potential socket leak in p9_socket_open (bsc#1232175).
* CVE-2022-49021: net: phy: fix null-ptr-deref while probe() failed (bsc#1231939).
* CVE-2022-49026: e100: Fix possible use after free in e100_xmit_prepare (bsc#1231997).
* CVE-2022-49027: iavf: Fix error handling in iavf_init_module() (bsc#1232007).
* CVE-2022-49028: ixgbevf: Fix resource leak in ixgbevf_init_module() (bsc#1231996).
* CVE-2022-49029: hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails (bsc#1231995).
* CVE-2023-52898: xhci: Fix null pointer dereference when host dies (bsc#1229568).
* CVE-2023-52918: media: pci: cx23885: check cx23885_vdev_init() return (bsc#1232047).
* CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
* CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
* CVE-2024-39476: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (bsc#1227437).
* CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
* CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620).
* CVE-2024-42114: netlink: extend policy range validation (bsc#1228564 prerequisite).
* CVE-2024-42253: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race (bsc#1229005 stable-fixes).
* CVE-2024-44931: gpio: prevent potential speculation leaks in gpio_device_get_desc() (bsc#1229837 stable-fixes).
* CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179).
* CVE-2024-46724: drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number (bsc#1230725).
* CVE-2024-46755: wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() (bsc#1230802).
* CVE-2024-46802: drm/amd/display: added NULL check at start of dc_validate_stream (bsc#1231111).
* CVE-2024-46809: drm/amd/display: Check BIOS images before it is used (bsc#1231148).
* CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
* CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197).
* CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203).
* CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115).
* CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096).
* CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105).
* CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094).
* CVE-2024-46848: perf/x86/intel: Limit the period on Haswell (bsc#1231072).
* CVE-2024-47672: wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (bsc#1231540).
* CVE-2024-47673: wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (bsc#1231539).
* CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
* CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987). * CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998). * CVE-2024-47697: drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (bsc#1231858). * CVE-2024-47698: drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (bsc#1231859). * CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942). * CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935). * CVE-2024-47713: wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (bsc#1232016). * CVE-2024-47735: RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (bsc#1232111). * CVE-2024-47737: nfsd: call cache_put if xdr_reserve_space returns NULL (bsc#1232056). * CVE-2024-47742: firmware_loader: Block path traversal (bsc#1232126). * CVE-2024-47745: mm: split critical region in remap_file_pages() and invoke LSMs in between (bsc#1232135). * CVE-2024-49851: tpm: Clean up TPM space after command failure (bsc#1232134). * CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861). * CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201). * CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200). * CVE-2024-49883: ext4: aovid use-after-free in ext4_ext_insert_extent() (bsc#1232199). * CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217). * CVE-2024-49891: scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (bsc#1232218). * CVE-2024-49894: drm/amd/display: Fix index out of bounds in degamma hardware format translation (bsc#1232354). * CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221). * CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305). 
* CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313). * CVE-2024-49929: wifi: iwlwifi: mvm: avoid NULL pointer dereference (bsc#1232253). * CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424). * CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160). * CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151). * CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149). * CVE-2024-49962: ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (bsc#1232314). * CVE-2024-49966: ocfs2: cancel dqi_sync_work before freeing oinfo (bsc#1232141). * CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140). * CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282). * CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432). * CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089). * CVE-2024-50006: ext4: fix i_data_sem unlock order in ext4_ind_migrate() (bsc#1232442). * CVE-2024-50007: ALSA: asihpi: Fix potential OOB array access (bsc#1232394). * CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954). * CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914). * CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392). * CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903). * CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418). * CVE-2024-50058: serial: protect uart_port_dtr_rts() in uart_shutdown() too (bsc#1232285). 
The following non-security bugs were fixed:

* arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes)
* arm64: probes: Fix simulate_ldr*_literal() (git-fixes)
* arm64: probes: Fix uprobes for big-endian kernels (git-fixes)
* arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)
* bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375).
* drbd: Add NULL check for net_conf to prevent dereference in state validation (git-fixes).
* drbd: Fix atomicity violation in drbd_uuid_set_bm() (git-fixes).
* ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201)
* kernel-binary: generate and install compile_commands.json (bsc#1228971)
* net: usb: usbnet: fix name regression (git-fixes).
* nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes).
* nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes).
* x86/kaslr: Expose and use the end of the physical memory address space (bsc#1230405).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-34=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-34=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-debuginfo-4.12.14-122.234.1 * kernel-default-base-4.12.14-122.234.1 * kernel-default-debugsource-4.12.14-122.234.1 * dlm-kmp-default-4.12.14-122.234.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.234.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.234.1 * kernel-default-debuginfo-4.12.14-122.234.1 * kernel-default-devel-4.12.14-122.234.1 * cluster-md-kmp-default-4.12.14-122.234.1 * kernel-default-base-debuginfo-4.12.14-122.234.1 * kernel-syms-4.12.14-122.234.1 * ocfs2-kmp-default-4.12.14-122.234.1 * dlm-kmp-default-debuginfo-4.12.14-122.234.1 * gfs2-kmp-default-4.12.14-122.234.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.234.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * kernel-devel-4.12.14-122.234.1 * kernel-macros-4.12.14-122.234.1 * kernel-source-4.12.14-122.234.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x) * kernel-default-man-4.12.14-122.234.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.234.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * gfs2-kmp-default-debuginfo-4.12.14-122.234.1 * kernel-default-base-4.12.14-122.234.1 * kernel-default-debugsource-4.12.14-122.234.1 * dlm-kmp-default-4.12.14-122.234.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.234.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.234.1 * kernel-default-debuginfo-4.12.14-122.234.1 * kernel-default-devel-4.12.14-122.234.1 * cluster-md-kmp-default-4.12.14-122.234.1 * kernel-default-base-debuginfo-4.12.14-122.234.1 * 
kernel-syms-4.12.14-122.234.1 * ocfs2-kmp-default-4.12.14-122.234.1 * kernel-default-devel-debuginfo-4.12.14-122.234.1 * dlm-kmp-default-debuginfo-4.12.14-122.234.1 * gfs2-kmp-default-4.12.14-122.234.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64) * kernel-default-4.12.14-122.234.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * kernel-devel-4.12.14-122.234.1 * kernel-macros-4.12.14-122.234.1 * kernel-source-4.12.14-122.234.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46936.html * https://www.suse.com/security/cve/CVE-2021-47163.html * https://www.suse.com/security/cve/CVE-2021-47416.html * https://www.suse.com/security/cve/CVE-2021-47612.html * https://www.suse.com/security/cve/CVE-2022-48788.html * https://www.suse.com/security/cve/CVE-2022-48789.html * https://www.suse.com/security/cve/CVE-2022-48790.html * https://www.suse.com/security/cve/CVE-2022-48809.html * https://www.suse.com/security/cve/CVE-2022-48946.html * https://www.suse.com/security/cve/CVE-2022-48949.html * https://www.suse.com/security/cve/CVE-2022-48951.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2022-48958.html * https://www.suse.com/security/cve/CVE-2022-48960.html * https://www.suse.com/security/cve/CVE-2022-48962.html * https://www.suse.com/security/cve/CVE-2022-48966.html * https://www.suse.com/security/cve/CVE-2022-48967.html * https://www.suse.com/security/cve/CVE-2022-48969.html * https://www.suse.com/security/cve/CVE-2022-48971.html * https://www.suse.com/security/cve/CVE-2022-48972.html * https://www.suse.com/security/cve/CVE-2022-48973.html * https://www.suse.com/security/cve/CVE-2022-48978.html * https://www.suse.com/security/cve/CVE-2022-48985.html * https://www.suse.com/security/cve/CVE-2022-48988.html * https://www.suse.com/security/cve/CVE-2022-48991.html * https://www.suse.com/security/cve/CVE-2022-48992.html * 
https://www.suse.com/security/cve/CVE-2022-48997.html * https://www.suse.com/security/cve/CVE-2022-49000.html * https://www.suse.com/security/cve/CVE-2022-49002.html * https://www.suse.com/security/cve/CVE-2022-49010.html * https://www.suse.com/security/cve/CVE-2022-49011.html * https://www.suse.com/security/cve/CVE-2022-49014.html * https://www.suse.com/security/cve/CVE-2022-49015.html * https://www.suse.com/security/cve/CVE-2022-49020.html * https://www.suse.com/security/cve/CVE-2022-49021.html * https://www.suse.com/security/cve/CVE-2022-49026.html * https://www.suse.com/security/cve/CVE-2022-49027.html * https://www.suse.com/security/cve/CVE-2022-49028.html * https://www.suse.com/security/cve/CVE-2022-49029.html * https://www.suse.com/security/cve/CVE-2023-46343.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2023-52898.html * https://www.suse.com/security/cve/CVE-2023-52918.html * https://www.suse.com/security/cve/CVE-2023-52919.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2024-26804.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-38538.html * https://www.suse.com/security/cve/CVE-2024-39476.html * https://www.suse.com/security/cve/CVE-2024-40965.html * https://www.suse.com/security/cve/CVE-2024-41016.html * https://www.suse.com/security/cve/CVE-2024-41082.html * https://www.suse.com/security/cve/CVE-2024-42114.html * https://www.suse.com/security/cve/CVE-2024-42145.html * https://www.suse.com/security/cve/CVE-2024-42253.html * https://www.suse.com/security/cve/CVE-2024-44931.html * https://www.suse.com/security/cve/CVE-2024-44958.html * https://www.suse.com/security/cve/CVE-2024-46724.html * https://www.suse.com/security/cve/CVE-2024-46755.html * https://www.suse.com/security/cve/CVE-2024-46802.html * https://www.suse.com/security/cve/CVE-2024-46809.html * 
https://www.suse.com/security/cve/CVE-2024-46813.html * https://www.suse.com/security/cve/CVE-2024-46816.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-46826.html * https://www.suse.com/security/cve/CVE-2024-46834.html * https://www.suse.com/security/cve/CVE-2024-46840.html * https://www.suse.com/security/cve/CVE-2024-46841.html * https://www.suse.com/security/cve/CVE-2024-46848.html * https://www.suse.com/security/cve/CVE-2024-47670.html * https://www.suse.com/security/cve/CVE-2024-47672.html * https://www.suse.com/security/cve/CVE-2024-47673.html * https://www.suse.com/security/cve/CVE-2024-47674.html * https://www.suse.com/security/cve/CVE-2024-47684.html * https://www.suse.com/security/cve/CVE-2024-47685.html * https://www.suse.com/security/cve/CVE-2024-47696.html * https://www.suse.com/security/cve/CVE-2024-47697.html * https://www.suse.com/security/cve/CVE-2024-47698.html * https://www.suse.com/security/cve/CVE-2024-47706.html * https://www.suse.com/security/cve/CVE-2024-47707.html * https://www.suse.com/security/cve/CVE-2024-47713.html * https://www.suse.com/security/cve/CVE-2024-47735.html * https://www.suse.com/security/cve/CVE-2024-47737.html * https://www.suse.com/security/cve/CVE-2024-47742.html * https://www.suse.com/security/cve/CVE-2024-47745.html * https://www.suse.com/security/cve/CVE-2024-47749.html * https://www.suse.com/security/cve/CVE-2024-49851.html * https://www.suse.com/security/cve/CVE-2024-49860.html * https://www.suse.com/security/cve/CVE-2024-49877.html * https://www.suse.com/security/cve/CVE-2024-49881.html * https://www.suse.com/security/cve/CVE-2024-49882.html * https://www.suse.com/security/cve/CVE-2024-49883.html * https://www.suse.com/security/cve/CVE-2024-49890.html * https://www.suse.com/security/cve/CVE-2024-49891.html * https://www.suse.com/security/cve/CVE-2024-49894.html * https://www.suse.com/security/cve/CVE-2024-49896.html * 
https://www.suse.com/security/cve/CVE-2024-49901.html * https://www.suse.com/security/cve/CVE-2024-49920.html * https://www.suse.com/security/cve/CVE-2024-49929.html * https://www.suse.com/security/cve/CVE-2024-49936.html * https://www.suse.com/security/cve/CVE-2024-49949.html * https://www.suse.com/security/cve/CVE-2024-49957.html * https://www.suse.com/security/cve/CVE-2024-49958.html * https://www.suse.com/security/cve/CVE-2024-49959.html * https://www.suse.com/security/cve/CVE-2024-49962.html * https://www.suse.com/security/cve/CVE-2024-49965.html * https://www.suse.com/security/cve/CVE-2024-49966.html * https://www.suse.com/security/cve/CVE-2024-49967.html * https://www.suse.com/security/cve/CVE-2024-49982.html * https://www.suse.com/security/cve/CVE-2024-49991.html * https://www.suse.com/security/cve/CVE-2024-49995.html * https://www.suse.com/security/cve/CVE-2024-49996.html * https://www.suse.com/security/cve/CVE-2024-50006.html * https://www.suse.com/security/cve/CVE-2024-50007.html * https://www.suse.com/security/cve/CVE-2024-50024.html * https://www.suse.com/security/cve/CVE-2024-50033.html * https://www.suse.com/security/cve/CVE-2024-50035.html * https://www.suse.com/security/cve/CVE-2024-50045.html * https://www.suse.com/security/cve/CVE-2024-50047.html * https://www.suse.com/security/cve/CVE-2024-50058.html * https://bugzilla.suse.com/show_bug.cgi?id=1082555 * https://bugzilla.suse.com/show_bug.cgi?id=1176081 * https://bugzilla.suse.com/show_bug.cgi?id=1206344 * https://bugzilla.suse.com/show_bug.cgi?id=1213034 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1219125 * https://bugzilla.suse.com/show_bug.cgi?id=1220439 * https://bugzilla.suse.com/show_bug.cgi?id=1221980 * https://bugzilla.suse.com/show_bug.cgi?id=1222629 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1225189 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225336 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1226585 * https://bugzilla.suse.com/show_bug.cgi?id=1226606 * https://bugzilla.suse.com/show_bug.cgi?id=1227437 * https://bugzilla.suse.com/show_bug.cgi?id=1227885 * https://bugzilla.suse.com/show_bug.cgi?id=1227941 * https://bugzilla.suse.com/show_bug.cgi?id=1227947 * https://bugzilla.suse.com/show_bug.cgi?id=1227952 * https://bugzilla.suse.com/show_bug.cgi?id=1228000 * https://bugzilla.suse.com/show_bug.cgi?id=1228410 * https://bugzilla.suse.com/show_bug.cgi?id=1228564 * https://bugzilla.suse.com/show_bug.cgi?id=1228620 * https://bugzilla.suse.com/show_bug.cgi?id=1228743 * https://bugzilla.suse.com/show_bug.cgi?id=1229005 * https://bugzilla.suse.com/show_bug.cgi?id=1229042 * https://bugzilla.suse.com/show_bug.cgi?id=1229154 * https://bugzilla.suse.com/show_bug.cgi?id=1229568 * https://bugzilla.suse.com/show_bug.cgi?id=1229769 * https://bugzilla.suse.com/show_bug.cgi?id=1229837 * https://bugzilla.suse.com/show_bug.cgi?id=1230179 * https://bugzilla.suse.com/show_bug.cgi?id=1230405 * https://bugzilla.suse.com/show_bug.cgi?id=1230725 * https://bugzilla.suse.com/show_bug.cgi?id=1230802 * https://bugzilla.suse.com/show_bug.cgi?id=1231072 * https://bugzilla.suse.com/show_bug.cgi?id=1231094 * https://bugzilla.suse.com/show_bug.cgi?id=1231096 * https://bugzilla.suse.com/show_bug.cgi?id=1231105 * https://bugzilla.suse.com/show_bug.cgi?id=1231111 * https://bugzilla.suse.com/show_bug.cgi?id=1231115 * https://bugzilla.suse.com/show_bug.cgi?id=1231148 * https://bugzilla.suse.com/show_bug.cgi?id=1231191 * https://bugzilla.suse.com/show_bug.cgi?id=1231197 * https://bugzilla.suse.com/show_bug.cgi?id=1231203 * https://bugzilla.suse.com/show_bug.cgi?id=1231293 * https://bugzilla.suse.com/show_bug.cgi?id=1231375 * https://bugzilla.suse.com/show_bug.cgi?id=1231537 * https://bugzilla.suse.com/show_bug.cgi?id=1231539 * 
https://bugzilla.suse.com/show_bug.cgi?id=1231540 * https://bugzilla.suse.com/show_bug.cgi?id=1231673 * https://bugzilla.suse.com/show_bug.cgi?id=1231858 * https://bugzilla.suse.com/show_bug.cgi?id=1231859 * https://bugzilla.suse.com/show_bug.cgi?id=1231861 * https://bugzilla.suse.com/show_bug.cgi?id=1231864 * https://bugzilla.suse.com/show_bug.cgi?id=1231888 * https://bugzilla.suse.com/show_bug.cgi?id=1231889 * https://bugzilla.suse.com/show_bug.cgi?id=1231890 * https://bugzilla.suse.com/show_bug.cgi?id=1231893 * https://bugzilla.suse.com/show_bug.cgi?id=1231897 * https://bugzilla.suse.com/show_bug.cgi?id=1231903 * https://bugzilla.suse.com/show_bug.cgi?id=1231914 * https://bugzilla.suse.com/show_bug.cgi?id=1231929 * https://bugzilla.suse.com/show_bug.cgi?id=1231935 * https://bugzilla.suse.com/show_bug.cgi?id=1231938 * https://bugzilla.suse.com/show_bug.cgi?id=1231939 * https://bugzilla.suse.com/show_bug.cgi?id=1231942 * https://bugzilla.suse.com/show_bug.cgi?id=1231954 * https://bugzilla.suse.com/show_bug.cgi?id=1231958 * https://bugzilla.suse.com/show_bug.cgi?id=1231979 * https://bugzilla.suse.com/show_bug.cgi?id=1231987 * https://bugzilla.suse.com/show_bug.cgi?id=1231988 * https://bugzilla.suse.com/show_bug.cgi?id=1231995 * https://bugzilla.suse.com/show_bug.cgi?id=1231996 * https://bugzilla.suse.com/show_bug.cgi?id=1231997 * https://bugzilla.suse.com/show_bug.cgi?id=1231998 * https://bugzilla.suse.com/show_bug.cgi?id=1232006 * https://bugzilla.suse.com/show_bug.cgi?id=1232007 * https://bugzilla.suse.com/show_bug.cgi?id=1232016 * https://bugzilla.suse.com/show_bug.cgi?id=1232025 * https://bugzilla.suse.com/show_bug.cgi?id=1232026 * https://bugzilla.suse.com/show_bug.cgi?id=1232035 * https://bugzilla.suse.com/show_bug.cgi?id=1232037 * https://bugzilla.suse.com/show_bug.cgi?id=1232038 * https://bugzilla.suse.com/show_bug.cgi?id=1232039 * https://bugzilla.suse.com/show_bug.cgi?id=1232047 * https://bugzilla.suse.com/show_bug.cgi?id=1232056 * 
https://bugzilla.suse.com/show_bug.cgi?id=1232069 * https://bugzilla.suse.com/show_bug.cgi?id=1232070 * https://bugzilla.suse.com/show_bug.cgi?id=1232071 * https://bugzilla.suse.com/show_bug.cgi?id=1232089 * https://bugzilla.suse.com/show_bug.cgi?id=1232097 * https://bugzilla.suse.com/show_bug.cgi?id=1232111 * https://bugzilla.suse.com/show_bug.cgi?id=1232123 * https://bugzilla.suse.com/show_bug.cgi?id=1232126 * https://bugzilla.suse.com/show_bug.cgi?id=1232133 * https://bugzilla.suse.com/show_bug.cgi?id=1232134 * https://bugzilla.suse.com/show_bug.cgi?id=1232135 * https://bugzilla.suse.com/show_bug.cgi?id=1232140 * https://bugzilla.suse.com/show_bug.cgi?id=1232141 * https://bugzilla.suse.com/show_bug.cgi?id=1232142 * https://bugzilla.suse.com/show_bug.cgi?id=1232149 * https://bugzilla.suse.com/show_bug.cgi?id=1232151 * https://bugzilla.suse.com/show_bug.cgi?id=1232152 * https://bugzilla.suse.com/show_bug.cgi?id=1232160 * https://bugzilla.suse.com/show_bug.cgi?id=1232172 * https://bugzilla.suse.com/show_bug.cgi?id=1232175 * https://bugzilla.suse.com/show_bug.cgi?id=1232180 * https://bugzilla.suse.com/show_bug.cgi?id=1232191 * https://bugzilla.suse.com/show_bug.cgi?id=1232199 * https://bugzilla.suse.com/show_bug.cgi?id=1232200 * https://bugzilla.suse.com/show_bug.cgi?id=1232201 * https://bugzilla.suse.com/show_bug.cgi?id=1232217 * https://bugzilla.suse.com/show_bug.cgi?id=1232218 * https://bugzilla.suse.com/show_bug.cgi?id=1232221 * https://bugzilla.suse.com/show_bug.cgi?id=1232236 * https://bugzilla.suse.com/show_bug.cgi?id=1232253 * https://bugzilla.suse.com/show_bug.cgi?id=1232282 * https://bugzilla.suse.com/show_bug.cgi?id=1232285 * https://bugzilla.suse.com/show_bug.cgi?id=1232286 * https://bugzilla.suse.com/show_bug.cgi?id=1232304 * https://bugzilla.suse.com/show_bug.cgi?id=1232305 * https://bugzilla.suse.com/show_bug.cgi?id=1232313 * https://bugzilla.suse.com/show_bug.cgi?id=1232314 * https://bugzilla.suse.com/show_bug.cgi?id=1232339 * 
https://bugzilla.suse.com/show_bug.cgi?id=1232354
* https://bugzilla.suse.com/show_bug.cgi?id=1232392
* https://bugzilla.suse.com/show_bug.cgi?id=1232394
* https://bugzilla.suse.com/show_bug.cgi?id=1232418
* https://bugzilla.suse.com/show_bug.cgi?id=1232424
* https://bugzilla.suse.com/show_bug.cgi?id=1232432
* https://bugzilla.suse.com/show_bug.cgi?id=1232442

From null at suse.de Thu Jan 9 12:30:04 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 09 Jan 2025 12:30:04 -0000
Subject: SUSE-SU-2025:0040-1: moderate: Security update for openjpeg2
Message-ID: <173642580433.16706.698333146755264332@smelt2.prg2.suse.org>

# Security update for openjpeg2

Announcement ID: SUSE-SU-2025:0040-1
Release Date: 2025-01-09T10:33:33Z
Rating: moderate

References:

* bsc#1235029

Cross-References:

* CVE-2024-56826

CVSS scores:

* CVE-2024-56826 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56826 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56826 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H

Affected Products:

* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for openjpeg2 fixes the following issues:

* CVE-2024-56826: Fixed heap buffer overflow in bin/common/color.c (bsc#1235029)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-40=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * libopenjp2-7-2.1.0-4.21.1
  * openjpeg2-debuginfo-2.1.0-4.21.1
  * libopenjp2-7-debuginfo-2.1.0-4.21.1
  * openjpeg2-debugsource-2.1.0-4.21.1

## References:

* https://www.suse.com/security/cve/CVE-2024-56826.html
* https://bugzilla.suse.com/show_bug.cgi?id=1235029

From null at suse.de Thu Jan 9 16:30:07 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 09 Jan 2025 16:30:07 -0000
Subject: SUSE-SU-2025:0049-1: moderate: Security update for python310
Message-ID: <173644020787.16729.18361254317367034505@smelt2.prg2.suse.org>

# Security update for python310

Announcement ID: SUSE-SU-2025:0049-1
Release Date: 2025-01-09T15:37:11Z
Rating: moderate

References:

* bsc#1232241
* bsc#1233307

Cross-References:

* CVE-2024-11168
* CVE-2024-9287

CVSS scores:

* CVE-2024-11168 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
* CVE-2024-11168 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-11168 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
* CVE-2024-11168 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green
* CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python310 fixes the following issues:

* Update to 3.10.16

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-49=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-49=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * python310-idle-3.10.16-150400.4.66.1
  * python310-testsuite-3.10.16-150400.4.66.1
  * python310-base-3.10.16-150400.4.66.1
  * python310-testsuite-debuginfo-3.10.16-150400.4.66.1
  * python310-curses-debuginfo-3.10.16-150400.4.66.1
  * python310-tools-3.10.16-150400.4.66.1
  * python310-tk-3.10.16-150400.4.66.1
  * python310-curses-3.10.16-150400.4.66.1
  * python310-dbm-debuginfo-3.10.16-150400.4.66.1
  * python310-dbm-3.10.16-150400.4.66.1
  * python310-debuginfo-3.10.16-150400.4.66.1
  * libpython3_10-1_0-debuginfo-3.10.16-150400.4.66.1
  * python310-base-debuginfo-3.10.16-150400.4.66.1
  * python310-debugsource-3.10.16-150400.4.66.1
  * python310-devel-3.10.16-150400.4.66.1
  * python310-core-debugsource-3.10.16-150400.4.66.1
  * python310-3.10.16-150400.4.66.1
  * python310-doc-3.10.16-150400.4.66.1
  * python310-doc-devhelp-3.10.16-150400.4.66.1
  * python310-tk-debuginfo-3.10.16-150400.4.66.1
  * libpython3_10-1_0-3.10.16-150400.4.66.1
* openSUSE Leap 15.4 (x86_64)
  * python310-base-32bit-3.10.16-150400.4.66.1
  * python310-base-32bit-debuginfo-3.10.16-150400.4.66.1
  * python310-32bit-debuginfo-3.10.16-150400.4.66.1
  * python310-32bit-3.10.16-150400.4.66.1
  * libpython3_10-1_0-32bit-3.10.16-150400.4.66.1
  * libpython3_10-1_0-32bit-debuginfo-3.10.16-150400.4.66.1
* openSUSE Leap 15.4 (aarch64_ilp32)
  * libpython3_10-1_0-64bit-debuginfo-3.10.16-150400.4.66.1
  * python310-64bit-3.10.16-150400.4.66.1
  * python310-base-64bit-debuginfo-3.10.16-150400.4.66.1
  * libpython3_10-1_0-64bit-3.10.16-150400.4.66.1
  * python310-base-64bit-3.10.16-150400.4.66.1
  * python310-64bit-debuginfo-3.10.16-150400.4.66.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * python310-idle-3.10.16-150400.4.66.1
  * python310-testsuite-3.10.16-150400.4.66.1
  * python310-base-3.10.16-150400.4.66.1
  * python310-testsuite-debuginfo-3.10.16-150400.4.66.1
  * python310-curses-debuginfo-3.10.16-150400.4.66.1
  * python310-tools-3.10.16-150400.4.66.1
  * python310-tk-3.10.16-150400.4.66.1
  * python310-curses-3.10.16-150400.4.66.1
  * python310-dbm-debuginfo-3.10.16-150400.4.66.1
  * python310-dbm-3.10.16-150400.4.66.1
  * python310-debuginfo-3.10.16-150400.4.66.1
  * libpython3_10-1_0-debuginfo-3.10.16-150400.4.66.1
  * python310-base-debuginfo-3.10.16-150400.4.66.1
  * python310-debugsource-3.10.16-150400.4.66.1
  * python310-devel-3.10.16-150400.4.66.1
  * python310-core-debugsource-3.10.16-150400.4.66.1
  * python310-3.10.16-150400.4.66.1
  * python310-doc-3.10.16-150400.4.66.1
  * python310-doc-devhelp-3.10.16-150400.4.66.1
  * python310-tk-debuginfo-3.10.16-150400.4.66.1
  * libpython3_10-1_0-3.10.16-150400.4.66.1
* openSUSE Leap 15.6 (x86_64)
  * python310-base-32bit-3.10.16-150400.4.66.1
  * python310-base-32bit-debuginfo-3.10.16-150400.4.66.1
  * python310-32bit-debuginfo-3.10.16-150400.4.66.1
  * python310-32bit-3.10.16-150400.4.66.1
  * libpython3_10-1_0-32bit-3.10.16-150400.4.66.1
  * libpython3_10-1_0-32bit-debuginfo-3.10.16-150400.4.66.1

## References:

* https://www.suse.com/security/cve/CVE-2024-11168.html
* https://www.suse.com/security/cve/CVE-2024-9287.html
* https://bugzilla.suse.com/show_bug.cgi?id=1232241
* https://bugzilla.suse.com/show_bug.cgi?id=1233307

From null at suse.de Thu Jan 9 16:30:10 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 09 Jan 2025 16:30:10 -0000
Subject: SUSE-SU-2025:0048-1: moderate: Security update for python312
Message-ID: <173644021052.16729.8503990515760645837@smelt2.prg2.suse.org>

# Security update for python312

Announcement ID: SUSE-SU-2025:0048-1
Release Date: 2025-01-09T15:36:59Z
Rating: moderate

References:

* bsc#1232241

Cross-References:

* CVE-2024-9287

CVSS scores:

* CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green
* CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green

Affected Products:

* openSUSE Leap 15.6
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for python312 fixes the following issues:

* Properly quote path names provided when creating a virtual environment (bsc#1232241, CVE-2024-9287)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-48=1 SUSE-2025-48=1
* Python 3 Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-48=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * python312-base-debuginfo-3.12.8-150600.3.15.1
  * python312-dbm-debuginfo-3.12.8-150600.3.15.1
  * python312-testsuite-3.12.8-150600.3.15.1
  * libpython3_12-1_0-3.12.8-150600.3.15.1
  * python312-tools-3.12.8-150600.3.15.1
  * python312-devel-3.12.8-150600.3.15.1
  * python312-tk-debuginfo-3.12.8-150600.3.15.1
  * python312-doc-devhelp-3.12.8-150600.3.15.1
  * python312-curses-3.12.8-150600.3.15.1
  * python312-debugsource-3.12.8-150600.3.15.1
  * python312-core-debugsource-3.12.8-150600.3.15.1
  * python312-curses-debuginfo-3.12.8-150600.3.15.1
  * libpython3_12-1_0-debuginfo-3.12.8-150600.3.15.1
  * python312-dbm-3.12.8-150600.3.15.1
  * python312-base-3.12.8-150600.3.15.1
  * python312-debuginfo-3.12.8-150600.3.15.1
  * python312-testsuite-debuginfo-3.12.8-150600.3.15.1
  * python312-idle-3.12.8-150600.3.15.1
  * python312-3.12.8-150600.3.15.1
  * python312-tk-3.12.8-150600.3.15.1
  * python312-doc-3.12.8-150600.3.15.1
* openSUSE Leap 15.6 (x86_64)
  * python312-32bit-debuginfo-3.12.8-150600.3.15.1
  * python312-base-32bit-debuginfo-3.12.8-150600.3.15.1
  * libpython3_12-1_0-32bit-debuginfo-3.12.8-150600.3.15.1
  * libpython3_12-1_0-32bit-3.12.8-150600.3.15.1
  * python312-32bit-3.12.8-150600.3.15.1
  * python312-base-32bit-3.12.8-150600.3.15.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * python312-64bit-debuginfo-3.12.8-150600.3.15.1
  * libpython3_12-1_0-64bit-debuginfo-3.12.8-150600.3.15.1
  * python312-64bit-3.12.8-150600.3.15.1
  * libpython3_12-1_0-64bit-3.12.8-150600.3.15.1
  * python312-base-64bit-3.12.8-150600.3.15.1
  * python312-base-64bit-debuginfo-3.12.8-150600.3.15.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * python312-base-3.12.8-150600.3.15.1
  * python312-base-debuginfo-3.12.8-150600.3.15.1
  * python312-core-debugsource-3.12.8-150600.3.15.1
  * python312-dbm-debuginfo-3.12.8-150600.3.15.1
  * python312-debuginfo-3.12.8-150600.3.15.1
  * python312-tk-debuginfo-3.12.8-150600.3.15.1
  * python312-curses-debuginfo-3.12.8-150600.3.15.1
  * libpython3_12-1_0-3.12.8-150600.3.15.1
  * python312-idle-3.12.8-150600.3.15.1
  * python312-tools-3.12.8-150600.3.15.1
  * python312-3.12.8-150600.3.15.1
  * libpython3_12-1_0-debuginfo-3.12.8-150600.3.15.1
  * python312-devel-3.12.8-150600.3.15.1
  * python312-tk-3.12.8-150600.3.15.1
  * python312-curses-3.12.8-150600.3.15.1
  * python312-debugsource-3.12.8-150600.3.15.1
  * python312-dbm-3.12.8-150600.3.15.1

## References:

* https://www.suse.com/security/cve/CVE-2024-9287.html
* https://bugzilla.suse.com/show_bug.cgi?id=1232241

From null at suse.de Thu Jan 9 16:30:17 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 09 Jan 2025 16:30:17 -0000
Subject: SUSE-SU-2025:0047-1: moderate: Security update for python39
Message-ID: <173644021702.16729.10224311793389263073@smelt2.prg2.suse.org>

# Security update for python39

Announcement ID: SUSE-SU-2025:0047-1
Release Date: 2025-01-09T15:36:42Z
Rating: moderate

References:

* bsc#1232241
* bsc#1233307

Cross-References:

* CVE-2024-11168
* CVE-2024-9287

CVSS scores:

* CVE-2024-11168 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
* CVE-2024-11168 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-11168 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
* CVE-2024-11168 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green
* CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green

Affected Products:

* openSUSE Leap 15.3
* openSUSE Leap 15.6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python39 fixes the following issue:

* Update to 3.9.21

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2025-47=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-47=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
  * python39-doc-devhelp-3.9.21-150300.4.61.1
  * python39-testsuite-debuginfo-3.9.21-150300.4.61.1
  * python39-core-debugsource-3.9.21-150300.4.61.1
  * python39-curses-debuginfo-3.9.21-150300.4.61.1
  * python39-testsuite-3.9.21-150300.4.61.1
  * python39-tools-3.9.21-150300.4.61.1
  * python39-base-debuginfo-3.9.21-150300.4.61.1
  * python39-idle-3.9.21-150300.4.61.1
  * python39-tk-3.9.21-150300.4.61.1
  * python39-debugsource-3.9.21-150300.4.61.1
  * python39-tk-debuginfo-3.9.21-150300.4.61.1
  * python39-dbm-3.9.21-150300.4.61.1
  * python39-3.9.21-150300.4.61.1
  * python39-dbm-debuginfo-3.9.21-150300.4.61.1
  * libpython3_9-1_0-3.9.21-150300.4.61.1
  * libpython3_9-1_0-debuginfo-3.9.21-150300.4.61.1
  * python39-doc-3.9.21-150300.4.61.1
  * python39-debuginfo-3.9.21-150300.4.61.1
  * python39-base-3.9.21-150300.4.61.1
  * python39-curses-3.9.21-150300.4.61.1
  * python39-devel-3.9.21-150300.4.61.1
* openSUSE Leap 15.3 (x86_64)
  *
python39-base-32bit-debuginfo-3.9.21-150300.4.61.1 * python39-32bit-debuginfo-3.9.21-150300.4.61.1 * libpython3_9-1_0-32bit-debuginfo-3.9.21-150300.4.61.1 * libpython3_9-1_0-32bit-3.9.21-150300.4.61.1 * python39-base-32bit-3.9.21-150300.4.61.1 * python39-32bit-3.9.21-150300.4.61.1 * openSUSE Leap 15.3 (aarch64_ilp32) * python39-64bit-3.9.21-150300.4.61.1 * libpython3_9-1_0-64bit-3.9.21-150300.4.61.1 * python39-64bit-debuginfo-3.9.21-150300.4.61.1 * python39-base-64bit-3.9.21-150300.4.61.1 * libpython3_9-1_0-64bit-debuginfo-3.9.21-150300.4.61.1 * python39-base-64bit-debuginfo-3.9.21-150300.4.61.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python39-doc-devhelp-3.9.21-150300.4.61.1 * python39-testsuite-debuginfo-3.9.21-150300.4.61.1 * python39-core-debugsource-3.9.21-150300.4.61.1 * python39-curses-debuginfo-3.9.21-150300.4.61.1 * python39-testsuite-3.9.21-150300.4.61.1 * python39-tools-3.9.21-150300.4.61.1 * python39-base-debuginfo-3.9.21-150300.4.61.1 * python39-idle-3.9.21-150300.4.61.1 * python39-tk-3.9.21-150300.4.61.1 * python39-debugsource-3.9.21-150300.4.61.1 * python39-tk-debuginfo-3.9.21-150300.4.61.1 * python39-dbm-3.9.21-150300.4.61.1 * python39-3.9.21-150300.4.61.1 * python39-dbm-debuginfo-3.9.21-150300.4.61.1 * libpython3_9-1_0-3.9.21-150300.4.61.1 * libpython3_9-1_0-debuginfo-3.9.21-150300.4.61.1 * python39-doc-3.9.21-150300.4.61.1 * python39-debuginfo-3.9.21-150300.4.61.1 * python39-base-3.9.21-150300.4.61.1 * python39-curses-3.9.21-150300.4.61.1 * python39-devel-3.9.21-150300.4.61.1 * openSUSE Leap 15.6 (x86_64) * python39-base-32bit-debuginfo-3.9.21-150300.4.61.1 * python39-32bit-debuginfo-3.9.21-150300.4.61.1 * libpython3_9-1_0-32bit-debuginfo-3.9.21-150300.4.61.1 * libpython3_9-1_0-32bit-3.9.21-150300.4.61.1 * python39-base-32bit-3.9.21-150300.4.61.1 * python39-32bit-3.9.21-150300.4.61.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11168.html * https://www.suse.com/security/cve/CVE-2024-9287.html * 
https://bugzilla.suse.com/show_bug.cgi?id=1232241
* https://bugzilla.suse.com/show_bug.cgi?id=1233307

From null at suse.de Thu Jan 9 16:30:22 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 09 Jan 2025 16:30:22 -0000
Subject: SUSE-SU-2025:0044-1: moderate: Security update for openjpeg2
Message-ID: <173644022254.16729.3984357469649991040@smelt2.prg2.suse.org>

# Security update for openjpeg2

Announcement ID: SUSE-SU-2025:0044-1
Release Date: 2025-01-09T15:05:04Z
Rating: moderate

References:
* bsc#1235029

Cross-References:
* CVE-2024-56826

CVSS scores:
* CVE-2024-56826 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56826 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56826 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H

Affected Products:
* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for openjpeg2 fixes the following issues:

* CVE-2024-56826: Fixed heap buffer overflow in bin/common/color.c (bsc#1235029)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-44=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-44=1
* SUSE Package Hub 15 15-SP6
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-44=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * openjpeg2-devel-2.3.0-150000.3.18.1
  * openjpeg2-debugsource-2.3.0-150000.3.18.1
  * libopenjp2-7-debuginfo-2.3.0-150000.3.18.1
  * libopenjp2-7-2.3.0-150000.3.18.1
  * openjpeg2-debuginfo-2.3.0-150000.3.18.1
  * openjpeg2-2.3.0-150000.3.18.1
* openSUSE Leap 15.6 (x86_64)
  * libopenjp2-7-32bit-2.3.0-150000.3.18.1
  * libopenjp2-7-32bit-debuginfo-2.3.0-150000.3.18.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * openjpeg2-devel-2.3.0-150000.3.18.1
  * openjpeg2-debugsource-2.3.0-150000.3.18.1
  * libopenjp2-7-debuginfo-2.3.0-150000.3.18.1
  * libopenjp2-7-2.3.0-150000.3.18.1
  * openjpeg2-debuginfo-2.3.0-150000.3.18.1
  * openjpeg2-2.3.0-150000.3.18.1
* SUSE Package Hub 15 15-SP6 (x86_64)
  * libopenjp2-7-32bit-2.3.0-150000.3.18.1
  * libopenjp2-7-32bit-debuginfo-2.3.0-150000.3.18.1

## References:

* https://www.suse.com/security/cve/CVE-2024-56826.html
* https://bugzilla.suse.com/show_bug.cgi?id=1235029
URL: From null at suse.de Thu Jan 9 16:30:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 Jan 2025 16:30:25 -0000 Subject: SUSE-SU-2025:0043-1: important: Security update for webkit2gtk3 Message-ID: <173644022591.16729.8860886711942229740@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:0043-1 Release Date: 2025-01-09T15:04:41Z Rating: important References: * bsc#1234851 Cross-References: * CVE-2024-40866 * CVE-2024-44185 * CVE-2024-44187 * CVE-2024-44308 * CVE-2024-44309 * CVE-2024-54479 * CVE-2024-54502 * CVE-2024-54505 * CVE-2024-54508 * CVE-2024-54534 CVSS scores: * CVE-2024-40866 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-40866 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-44185 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44185 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44187 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-44187 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-44308 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-44308 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-44308 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-44309 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2024-44309 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2024-44309 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-54479 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-54479 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54479 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54479 ( NVD ): 7.5 
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54502 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-54502 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54502 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54502 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54505 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-54505 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H * CVE-2024-54505 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-54505 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54508 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-54508 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54508 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54508 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54534 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-54534 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-54534 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-54534 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 10 vulnerabilities can now be installed. 
## Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.46.5 (bsc#1234851):

Security fixes:

* CVE-2024-54479: Processing maliciously crafted web content may lead to an unexpected process crash
* CVE-2024-54502: Processing maliciously crafted web content may lead to an unexpected process crash
* CVE-2024-54505: Processing maliciously crafted web content may lead to memory corruption
* CVE-2024-54508: Processing maliciously crafted web content may lead to an unexpected process crash
* CVE-2024-54534: Processing maliciously crafted web content may lead to memory corruption

Other fixes:

* Fix the build with GBM and release logs disabled.
* Fix several crashes and rendering issues.
* Improve memory consumption and performance of Canvas getImageData.
* Fix preserve-3D intersection rendering.
* Fix video dimensions since GStreamer 1.24.9.
* Fix the HTTP-based remote Web Inspector not loading in Chromium.
* Fix content filters not working on about:blank iframes.
* Fix several crashes and rendering issues.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-43=1 openSUSE-SLE-15.6-2025-43=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-43=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-43=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-43=1 ## Package List: * openSUSE Leap 15.6 (noarch) * WebKitGTK-6.0-lang-2.46.5-150600.12.24.1 * WebKitGTK-4.0-lang-2.46.5-150600.12.24.1 * WebKitGTK-4.1-lang-2.46.5-150600.12.24.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * webkit-jsc-4.1-2.46.5-150600.12.24.1 * webkit-jsc-4.1-debuginfo-2.46.5-150600.12.24.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150600.12.24.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150600.12.24.1 * webkit2gtk3-soup2-devel-2.46.5-150600.12.24.1 * webkit2gtk4-devel-2.46.5-150600.12.24.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150600.12.24.1 * webkit-jsc-6.0-debuginfo-2.46.5-150600.12.24.1 * webkit2gtk3-soup2-minibrowser-2.46.5-150600.12.24.1 * webkit2gtk4-minibrowser-2.46.5-150600.12.24.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.5-150600.12.24.1 * libjavascriptcoregtk-6_0-1-2.46.5-150600.12.24.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150600.12.24.1 * webkitgtk-6_0-injected-bundles-2.46.5-150600.12.24.1 * webkit2gtk3-debugsource-2.46.5-150600.12.24.1 * webkit-jsc-4-2.46.5-150600.12.24.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.5-150600.12.24.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.5-150600.12.24.1 * webkit-jsc-4-debuginfo-2.46.5-150600.12.24.1 * webkit2gtk4-debugsource-2.46.5-150600.12.24.1 * libjavascriptcoregtk-4_0-18-2.46.5-150600.12.24.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150600.12.24.1 * webkit-jsc-6.0-2.46.5-150600.12.24.1 * webkit2gtk3-minibrowser-2.46.5-150600.12.24.1 * 
webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150600.12.24.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150600.12.24.1 * libwebkit2gtk-4_0-37-2.46.5-150600.12.24.1 * webkit2gtk4-minibrowser-debuginfo-2.46.5-150600.12.24.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150600.12.24.1 * libjavascriptcoregtk-4_1-0-2.46.5-150600.12.24.1 * libwebkitgtk-6_0-4-2.46.5-150600.12.24.1 * libwebkit2gtk-4_1-0-2.46.5-150600.12.24.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150600.12.24.1 * webkit2gtk3-devel-2.46.5-150600.12.24.1 * webkit2gtk3-minibrowser-debuginfo-2.46.5-150600.12.24.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150600.12.24.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150600.12.24.1 * typelib-1_0-JavaScriptCore-6_0-2.46.5-150600.12.24.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150600.12.24.1 * typelib-1_0-WebKit-6_0-2.46.5-150600.12.24.1 * typelib-1_0-WebKit2-4_1-2.46.5-150600.12.24.1 * typelib-1_0-WebKit2-4_0-2.46.5-150600.12.24.1 * webkit2gtk3-soup2-debugsource-2.46.5-150600.12.24.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150600.12.24.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150600.12.24.1 * openSUSE Leap 15.6 (x86_64) * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.5-150600.12.24.1 * libwebkit2gtk-4_0-37-32bit-2.46.5-150600.12.24.1 * libwebkit2gtk-4_1-0-32bit-2.46.5-150600.12.24.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.5-150600.12.24.1 * libjavascriptcoregtk-4_0-18-32bit-2.46.5-150600.12.24.1 * libjavascriptcoregtk-4_1-0-32bit-2.46.5-150600.12.24.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.5-150600.12.24.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.5-150600.12.24.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.5-150600.12.24.1 * libjavascriptcoregtk-4_1-0-64bit-2.46.5-150600.12.24.1 * libwebkit2gtk-4_0-37-64bit-2.46.5-150600.12.24.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.5-150600.12.24.1 * libjavascriptcoregtk-4_0-18-64bit-2.46.5-150600.12.24.1 * 
libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.5-150600.12.24.1 * libwebkit2gtk-4_1-0-64bit-2.46.5-150600.12.24.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.5-150600.12.24.1 * Basesystem Module 15-SP6 (noarch) * WebKitGTK-6.0-lang-2.46.5-150600.12.24.1 * WebKitGTK-4.0-lang-2.46.5-150600.12.24.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150600.12.24.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150600.12.24.1 * webkit2gtk3-soup2-devel-2.46.5-150600.12.24.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150600.12.24.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150600.12.24.1 * libwebkit2gtk-4_0-37-2.46.5-150600.12.24.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150600.12.24.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.5-150600.12.24.1 * webkit2gtk4-debugsource-2.46.5-150600.12.24.1 * libjavascriptcoregtk-4_0-18-2.46.5-150600.12.24.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150600.12.24.1 * libwebkitgtk-6_0-4-2.46.5-150600.12.24.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150600.12.24.1 * webkit2gtk3-soup2-debugsource-2.46.5-150600.12.24.1 * libjavascriptcoregtk-6_0-1-2.46.5-150600.12.24.1 * typelib-1_0-WebKit2-4_0-2.46.5-150600.12.24.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150600.12.24.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150600.12.24.1 * Desktop Applications Module 15-SP6 (noarch) * WebKitGTK-4.1-lang-2.46.5-150600.12.24.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150600.12.24.1 * webkit2gtk3-debugsource-2.46.5-150600.12.24.1 * webkit2gtk3-devel-2.46.5-150600.12.24.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150600.12.24.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150600.12.24.1 * libjavascriptcoregtk-4_1-0-2.46.5-150600.12.24.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150600.12.24.1 * libwebkit2gtk-4_1-0-2.46.5-150600.12.24.1 * typelib-1_0-WebKit2-4_1-2.46.5-150600.12.24.1 * 
typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150600.12.24.1
  * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150600.12.24.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * typelib-1_0-JavaScriptCore-6_0-2.46.5-150600.12.24.1
  * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.5-150600.12.24.1
  * webkit2gtk4-debugsource-2.46.5-150600.12.24.1
  * webkit2gtk4-devel-2.46.5-150600.12.24.1
  * typelib-1_0-WebKit-6_0-2.46.5-150600.12.24.1

## References:

* https://www.suse.com/security/cve/CVE-2024-40866.html
* https://www.suse.com/security/cve/CVE-2024-44185.html
* https://www.suse.com/security/cve/CVE-2024-44187.html
* https://www.suse.com/security/cve/CVE-2024-44308.html
* https://www.suse.com/security/cve/CVE-2024-44309.html
* https://www.suse.com/security/cve/CVE-2024-54479.html
* https://www.suse.com/security/cve/CVE-2024-54502.html
* https://www.suse.com/security/cve/CVE-2024-54505.html
* https://www.suse.com/security/cve/CVE-2024-54508.html
* https://www.suse.com/security/cve/CVE-2024-54534.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234851

From null at suse.de Thu Jan 9 20:30:03 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 09 Jan 2025 20:30:03 -0000
Subject: SUSE-SU-2025:0056-1: important: Security update for MozillaFirefox
Message-ID: <173645460368.16729.2301860563687292596@smelt2.prg2.suse.org>

# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2025:0056-1
Release Date: 2025-01-09T16:59:18Z
Rating: important

References:
* bsc#1234991

Cross-References:
* CVE-2025-0237
* CVE-2025-0238
* CVE-2025-0239
* CVE-2025-0240
* CVE-2025-0241
* CVE-2025-0242
* CVE-2025-0243

CVSS scores:
* CVE-2025-0237 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-0237 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-0238 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-0238 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-0239 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-0239 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-0240 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-0240 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-0242 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-0242 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-0243 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-0243 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves seven vulnerabilities can now be installed.

## Description:

This update for MozillaFirefox fixes the following issues:

* Firefox Extended Support Release 128.6.0 ESR
* Fixed: Various security fixes.
MFSA 2025-02 (bsc#1234991)
* CVE-2025-0237 (bmo#1915257) WebChannel APIs susceptible to confused deputy attack
* CVE-2025-0238 (bmo#1915535) Use-after-free when breaking lines
* CVE-2025-0239 (bmo#1929156) Alt-Svc ALPN validation failure when redirected
* CVE-2025-0240 (bmo#1929623) Compartment mismatch when parsing JavaScript JSON module
* CVE-2025-0241 (bmo#1933023) Memory corruption when using JavaScript Text Segmentation
* CVE-2025-0242 (bmo#1874523, bmo#1926454, bmo#1931873, bmo#1932169) Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6
* CVE-2025-0243 (bmo#1827142, bmo#1932783) Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6
* Firefox Extended Support Release 128.5.2 ESR
* Fixed: Fixed a crash experienced by Windows users with Qihoo 360 Total Security Antivirus software installed (bmo#1934258)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-56=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-56=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * MozillaFirefox-128.6.0-112.243.1
  * MozillaFirefox-debuginfo-128.6.0-112.243.1
  * MozillaFirefox-translations-common-128.6.0-112.243.1
  * MozillaFirefox-debugsource-128.6.0-112.243.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
  * MozillaFirefox-devel-128.6.0-112.243.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * MozillaFirefox-128.6.0-112.243.1
  * MozillaFirefox-debuginfo-128.6.0-112.243.1
  * MozillaFirefox-translations-common-128.6.0-112.243.1
  * MozillaFirefox-debugsource-128.6.0-112.243.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
  * MozillaFirefox-devel-128.6.0-112.243.1

## References:

* https://www.suse.com/security/cve/CVE-2025-0237.html
* https://www.suse.com/security/cve/CVE-2025-0238.html
* https://www.suse.com/security/cve/CVE-2025-0239.html
* https://www.suse.com/security/cve/CVE-2025-0240.html
* https://www.suse.com/security/cve/CVE-2025-0241.html
* https://www.suse.com/security/cve/CVE-2025-0242.html
* https://www.suse.com/security/cve/CVE-2025-0243.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234991
URL: From null at suse.de Thu Jan 9 20:30:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 Jan 2025 20:30:21 -0000 Subject: SUSE-SU-2025:0055-1: important: Security update for gstreamer-plugins-good Message-ID: <173645462143.16729.9840846661809798668@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-good Announcement ID: SUSE-SU-2025:0055-1 Release Date: 2025-01-09T16:37:03Z Rating: important References: * bsc#1234414 * bsc#1234417 * bsc#1234421 * bsc#1234424 * bsc#1234425 * bsc#1234426 * bsc#1234427 * bsc#1234428 * bsc#1234432 * bsc#1234433 * bsc#1234434 * bsc#1234435 * bsc#1234436 * bsc#1234439 * bsc#1234440 * bsc#1234446 * bsc#1234447 * bsc#1234449 * bsc#1234462 * bsc#1234473 * bsc#1234476 * bsc#1234477 Cross-References: * CVE-2024-47530 * CVE-2024-47537 * CVE-2024-47539 * CVE-2024-47543 * CVE-2024-47544 * CVE-2024-47545 * CVE-2024-47546 * CVE-2024-47596 * CVE-2024-47597 * CVE-2024-47598 * CVE-2024-47599 * CVE-2024-47601 * CVE-2024-47602 * CVE-2024-47603 * CVE-2024-47606 * CVE-2024-47613 * CVE-2024-47774 * CVE-2024-47775 * CVE-2024-47776 * CVE-2024-47777 * CVE-2024-47778 * CVE-2024-47834 CVSS scores: * CVE-2024-47530 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-47530 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-47537 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47537 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47537 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47539 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47539 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47539 ( NVD ): 9.8 
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47543 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47543 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47543 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47544 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47544 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47544 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47545 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47545 ( NVD ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47545 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47546 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47546 ( NVD ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47546 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47596 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47596 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47597 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47597 ( NVD ): 5.1 
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47597 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47598 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47598 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47599 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47599 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47599 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47601 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47601 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47602 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47602 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47603 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47603 ( NVD ): 7.5 
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47606 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47606 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47613 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47613 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47613 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47774 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47774 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47774 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47775 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47775 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47775 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47776 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47776 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47776 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47777 ( NVD ): 5.1 
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47777 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47778 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47778 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47834 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47834 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 An update that solves 22 vulnerabilities can now be installed. ## Description: This update for gstreamer-plugins-good fixes the following issues: * CVE-2024-47606: Fixed integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. (boo#1234449) * CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. (boo#1234414) * CVE-2024-47539: Fixed an out-of-bounds write in convert_to_s334_1a. (boo#1234417) * CVE-2024-47530: Fixed uninitialized stack memory in Matroska/WebM demuxer. (boo#1234421) * CVE-2024-47596: Fixed an integer underflow in MP4/MOV demuxer that can lead to out-of-bounds reads.
(boo#1234424) * CVE-2024-47597: Fixed out-of-bounds reads in MP4/MOV demuxer sample table parser. (boo#1234425) * CVE-2024-47598: Fixed MP4/MOV sample table parser out-of-bounds read. (boo#1234426) * CVE-2024-47599: Fixed insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences. (boo#1234427) * CVE-2024-47601: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234428) * CVE-2024-47602: Fixed NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer. (boo#1234432) * CVE-2024-47603: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234433) * CVE-2024-47775: Fixed various out-of-bounds reads in WAV parser. (boo#1234434) * CVE-2024-47776: Fixed various out-of-bounds reads in WAV parser. (boo#1234435) * CVE-2024-47777: Fixed various out-of-bounds reads in WAV parser. (boo#1234436) * CVE-2024-47778: Fixed various out-of-bounds reads in WAV parser. (boo#1234439) * CVE-2024-47834: Fixed a use-after-free in the Matroska demuxer that can cause crashes for certain input files. (boo#1234440) * CVE-2024-47774: Fixed an integer overflow in AVI subtitle parser that leads to out-of-bounds reads. (boo#1234446) * CVE-2024-47613: Fixed a NULL-pointer dereference in gdk-pixbuf decoder. (boo#1234447) * CVE-2024-47543: Fixed an out-of-bounds write in qtdemux_parse_container. (boo#1234462) * CVE-2024-47544: Fixed NULL-pointer dereferences in MP4/MOV demuxer CENC handling. (boo#1234473) * CVE-2024-47545: Fixed an integer underflow in FOURCC_strf parsing leading to out-of-bounds read. (boo#1234476) * CVE-2024-47546: Fixed an integer underflow in extract_cc_from_data leading to out-of-bounds read. (boo#1234477) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-55=1 openSUSE-SLE-15.6-2025-55=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-55=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-55=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * gstreamer-plugins-good-qtqml-1.24.0-150600.3.3.1 * gstreamer-plugins-good-qtqml-debuginfo-1.24.0-150600.3.3.1 * gstreamer-plugins-good-extra-1.24.0-150600.3.3.1 * gstreamer-plugins-good-debuginfo-1.24.0-150600.3.3.1 * gstreamer-plugins-good-1.24.0-150600.3.3.1 * gstreamer-plugins-good-gtk-debuginfo-1.24.0-150600.3.3.1 * gstreamer-plugins-good-jack-debuginfo-1.24.0-150600.3.3.1 * gstreamer-plugins-good-debugsource-1.24.0-150600.3.3.1 * gstreamer-plugins-good-extra-debuginfo-1.24.0-150600.3.3.1 * gstreamer-plugins-good-gtk-1.24.0-150600.3.3.1 * gstreamer-plugins-good-jack-1.24.0-150600.3.3.1 * openSUSE Leap 15.6 (x86_64) * gstreamer-plugins-good-32bit-1.24.0-150600.3.3.1 * gstreamer-plugins-good-jack-32bit-debuginfo-1.24.0-150600.3.3.1 * gstreamer-plugins-good-extra-32bit-1.24.0-150600.3.3.1 * gstreamer-plugins-good-extra-32bit-debuginfo-1.24.0-150600.3.3.1 * gstreamer-plugins-good-jack-32bit-1.24.0-150600.3.3.1 * gstreamer-plugins-good-32bit-debuginfo-1.24.0-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * gstreamer-plugins-good-lang-1.24.0-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * gstreamer-plugins-good-64bit-1.24.0-150600.3.3.1 * gstreamer-plugins-good-jack-64bit-1.24.0-150600.3.3.1 * gstreamer-plugins-good-extra-64bit-1.24.0-150600.3.3.1 * gstreamer-plugins-good-64bit-debuginfo-1.24.0-150600.3.3.1 * gstreamer-plugins-good-jack-64bit-debuginfo-1.24.0-150600.3.3.1 * gstreamer-plugins-good-extra-64bit-debuginfo-1.24.0-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * gstreamer-plugins-good-1.24.0-150600.3.3.1 * 
gstreamer-plugins-good-debugsource-1.24.0-150600.3.3.1 * gstreamer-plugins-good-debuginfo-1.24.0-150600.3.3.1 * Basesystem Module 15-SP6 (noarch) * gstreamer-plugins-good-lang-1.24.0-150600.3.3.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * gstreamer-plugins-good-debugsource-1.24.0-150600.3.3.1 * gstreamer-plugins-good-gtk-1.24.0-150600.3.3.1 * gstreamer-plugins-good-debuginfo-1.24.0-150600.3.3.1 * gstreamer-plugins-good-gtk-debuginfo-1.24.0-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47530.html * https://www.suse.com/security/cve/CVE-2024-47537.html * https://www.suse.com/security/cve/CVE-2024-47539.html * https://www.suse.com/security/cve/CVE-2024-47543.html * https://www.suse.com/security/cve/CVE-2024-47544.html * https://www.suse.com/security/cve/CVE-2024-47545.html * https://www.suse.com/security/cve/CVE-2024-47546.html * https://www.suse.com/security/cve/CVE-2024-47596.html * https://www.suse.com/security/cve/CVE-2024-47597.html * https://www.suse.com/security/cve/CVE-2024-47598.html * https://www.suse.com/security/cve/CVE-2024-47599.html * https://www.suse.com/security/cve/CVE-2024-47601.html * https://www.suse.com/security/cve/CVE-2024-47602.html * https://www.suse.com/security/cve/CVE-2024-47603.html * https://www.suse.com/security/cve/CVE-2024-47606.html * https://www.suse.com/security/cve/CVE-2024-47613.html * https://www.suse.com/security/cve/CVE-2024-47774.html * https://www.suse.com/security/cve/CVE-2024-47775.html * https://www.suse.com/security/cve/CVE-2024-47776.html * https://www.suse.com/security/cve/CVE-2024-47777.html * https://www.suse.com/security/cve/CVE-2024-47778.html * https://www.suse.com/security/cve/CVE-2024-47834.html * https://bugzilla.suse.com/show_bug.cgi?id=1234414 * https://bugzilla.suse.com/show_bug.cgi?id=1234417 * https://bugzilla.suse.com/show_bug.cgi?id=1234421 * https://bugzilla.suse.com/show_bug.cgi?id=1234424 * https://bugzilla.suse.com/show_bug.cgi?id=1234425 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234426 * https://bugzilla.suse.com/show_bug.cgi?id=1234427 * https://bugzilla.suse.com/show_bug.cgi?id=1234428 * https://bugzilla.suse.com/show_bug.cgi?id=1234432 * https://bugzilla.suse.com/show_bug.cgi?id=1234433 * https://bugzilla.suse.com/show_bug.cgi?id=1234434 * https://bugzilla.suse.com/show_bug.cgi?id=1234435 * https://bugzilla.suse.com/show_bug.cgi?id=1234436 * https://bugzilla.suse.com/show_bug.cgi?id=1234439 * https://bugzilla.suse.com/show_bug.cgi?id=1234440 * https://bugzilla.suse.com/show_bug.cgi?id=1234446 * https://bugzilla.suse.com/show_bug.cgi?id=1234447 * https://bugzilla.suse.com/show_bug.cgi?id=1234449 * https://bugzilla.suse.com/show_bug.cgi?id=1234462 * https://bugzilla.suse.com/show_bug.cgi?id=1234473 * https://bugzilla.suse.com/show_bug.cgi?id=1234476 * https://bugzilla.suse.com/show_bug.cgi?id=1234477
From null at suse.de Thu Jan 9 20:30:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 Jan 2025 20:30:28 -0000 Subject: SUSE-SU-2025:0054-1: important: Security update for gstreamer-plugins-base Message-ID: <173645462847.16729.12205542140528879289@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-base Announcement ID: SUSE-SU-2025:0054-1 Release Date: 2025-01-09T16:36:42Z Rating: important References: * bsc#1234415 * bsc#1234450 * bsc#1234453 * bsc#1234455 * bsc#1234456 * bsc#1234459 * bsc#1234460 Cross-References: * CVE-2024-47538 * CVE-2024-47541 * CVE-2024-47542 * CVE-2024-47600 * CVE-2024-47607 * CVE-2024-47615 * CVE-2024-47835 CVSS scores: * CVE-2024-47538 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47538 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47538 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47541 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47541 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-47541 ( NVD ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47541 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47542 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47542 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47542 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47600 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47600 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47600 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47607 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47607 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47615 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47615 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47615 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * 
CVE-2024-47835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47835 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47835 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves seven vulnerabilities can now be installed. ## Description: This update for gstreamer-plugins-base fixes the following issues: * CVE-2024-47538: Fixed a stack-buffer overflow in vorbis_handle_identification_packet. (bsc#1234415) * CVE-2024-47835: Fixed a NULL-pointer dereference in LRC subtitle parser. (bsc#1234450) * CVE-2024-47600: Fixed an out-of-bounds read in gst-discoverer-1.0 commandline tool. (bsc#1234453) * CVE-2024-47615: Fixed an out-of-bounds write in Ogg demuxer. (bsc#1234456) * CVE-2024-47541: Fixed an out-of-bounds write in SSA subtitle parser. (bsc#1234459) * CVE-2024-47542: Fixed an ID3v2 parser out-of-bounds read and NULL-pointer dereference. (bsc#1234460) * CVE-2024-47607: Fixed a stack buffer-overflow in Opus decoder. (bsc#1234455) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-54=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-54=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-54=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-54=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-54=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-54=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libgstvideo-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstAllocators-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstRtp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstGL-1_0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstVideo-1_0-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-1.22.0-150500.3.11.1 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstfft-1_0-0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstPbutils-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstTag-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstSdp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstApp-1_0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstRtsp-1_0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-debuginfo-1.22.0-150500.3.11.1 
* typelib-1_0-GstGLX11-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstAudio-1_0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-devel-1.22.0-150500.3.11.1 * libgstapp-1_0-0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-1.22.0-150500.3.11.1 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-1.22.0-150500.3.11.1 * libgstfft-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.22.0-150500.3.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * gstreamer-plugins-base-lang-1.22.0-150500.3.11.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libgstvideo-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstAllocators-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstRtp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstGL-1_0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstVideo-1_0-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-1.22.0-150500.3.11.1 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstfft-1_0-0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstPbutils-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstTag-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstSdp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstApp-1_0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * 
gstreamer-plugins-base-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstRtsp-1_0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLX11-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstAudio-1_0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-devel-1.22.0-150500.3.11.1 * libgstapp-1_0-0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-1.22.0-150500.3.11.1 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-1.22.0-150500.3.11.1 * libgstfft-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.22.0-150500.3.11.1 * openSUSE Leap 15.5 (x86_64) * libgstgl-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-32bit-1.22.0-150500.3.11.1 * gstreamer-plugins-base-devel-32bit-1.22.0-150500.3.11.1 * libgstapp-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstapp-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-32bit-1.22.0-150500.3.11.1 * gstreamer-plugins-base-32bit-1.22.0-150500.3.11.1 * libgstfft-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-32bit-1.22.0-150500.3.11.1 * libgsttag-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstfft-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-32bit-1.22.0-150500.3.11.1 * gstreamer-plugins-base-32bit-debuginfo-1.22.0-150500.3.11.1 * 
libgstallocators-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstriff-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * libgstriff-1_0-0-32bit-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-32bit-debuginfo-1.22.0-150500.3.11.1 * openSUSE Leap 15.5 (noarch) * gstreamer-plugins-base-lang-1.22.0-150500.3.11.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libgstvideo-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstfft-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstriff-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstapp-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstgl-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-64bit-1.22.0-150500.3.11.1 * gstreamer-plugins-base-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstapp-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstfft-1_0-0-64bit-1.22.0-150500.3.11.1 * gstreamer-plugins-base-devel-64bit-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-64bit-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-64bit-debuginfo-1.22.0-150500.3.11.1 * libgstriff-1_0-0-64bit-1.22.0-150500.3.11.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libgstvideo-1_0-0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-1.22.0-150500.3.11.1 * 
libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstapp-1_0-0-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-1.22.0-150500.3.11.1 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-1.22.0-150500.3.11.1 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libgstvideo-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstAllocators-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstRtp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstGL-1_0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstVideo-1_0-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-1.22.0-150500.3.11.1 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstfft-1_0-0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstPbutils-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstTag-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstSdp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstApp-1_0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * 
gstreamer-plugins-base-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstRtsp-1_0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLX11-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstAudio-1_0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-devel-1.22.0-150500.3.11.1 * libgstapp-1_0-0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-1.22.0-150500.3.11.1 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-1.22.0-150500.3.11.1 * libgstfft-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.22.0-150500.3.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * gstreamer-plugins-base-lang-1.22.0-150500.3.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libgstvideo-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstAllocators-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstRtp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstGL-1_0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstVideo-1_0-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-1.22.0-150500.3.11.1 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstfft-1_0-0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstPbutils-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstTag-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstSdp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstApp-1_0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.11.1 * 
gstreamer-plugins-base-debugsource-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstRtsp-1_0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLX11-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstAudio-1_0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-devel-1.22.0-150500.3.11.1 * libgstapp-1_0-0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-1.22.0-150500.3.11.1 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-1.22.0-150500.3.11.1 * libgstfft-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.22.0-150500.3.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * gstreamer-plugins-base-lang-1.22.0-150500.3.11.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libgstvideo-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstAllocators-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstRtp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstGL-1_0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstVideo-1_0-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-1.22.0-150500.3.11.1 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgsttag-1_0-0-1.22.0-150500.3.11.1 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstfft-1_0-0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-1.22.0-150500.3.11.1 * typelib-1_0-GstPbutils-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstTag-1_0-1.22.0-150500.3.11.1 * 
typelib-1_0-GstSdp-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstApp-1_0-1.22.0-150500.3.11.1 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.11.1 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstRtsp-1_0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLX11-1_0-1.22.0-150500.3.11.1 * typelib-1_0-GstAudio-1_0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-devel-1.22.0-150500.3.11.1 * libgstapp-1_0-0-1.22.0-150500.3.11.1 * libgstsdp-1_0-0-1.22.0-150500.3.11.1 * gstreamer-plugins-base-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-1.22.0-150500.3.11.1 * libgstallocators-1_0-0-1.22.0-150500.3.11.1 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstpbutils-1_0-0-1.22.0-150500.3.11.1 * libgstfft-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstrtp-1_0-0-debuginfo-1.22.0-150500.3.11.1 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.22.0-150500.3.11.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * gstreamer-plugins-base-lang-1.22.0-150500.3.11.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47538.html * https://www.suse.com/security/cve/CVE-2024-47541.html * https://www.suse.com/security/cve/CVE-2024-47542.html * https://www.suse.com/security/cve/CVE-2024-47600.html * https://www.suse.com/security/cve/CVE-2024-47607.html * https://www.suse.com/security/cve/CVE-2024-47615.html * https://www.suse.com/security/cve/CVE-2024-47835.html * https://bugzilla.suse.com/show_bug.cgi?id=1234415 * https://bugzilla.suse.com/show_bug.cgi?id=1234450 * https://bugzilla.suse.com/show_bug.cgi?id=1234453 * https://bugzilla.suse.com/show_bug.cgi?id=1234455 * https://bugzilla.suse.com/show_bug.cgi?id=1234456 * https://bugzilla.suse.com/show_bug.cgi?id=1234459 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234460
From null at suse.de Thu Jan 9 20:30:31 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 Jan 2025 20:30:31 -0000 Subject: SUSE-SU-2025:0053-1: important: Security update for gstreamer Message-ID: <173645463135.16729.5649681169022609080@smelt2.prg2.suse.org> # Security update for gstreamer Announcement ID: SUSE-SU-2025:0053-1 Release Date: 2025-01-09T16:36:09Z Rating: important References: * bsc#1234449 Cross-References: * CVE-2024-47606 CVSS scores: * CVE-2024-47606 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47606 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer fixes the following issues: * CVE-2024-47606: Fixed integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. (boo#1234449) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-53=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-53=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-53=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-53=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-53=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-53=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * gstreamer-devel-1.22.0-150500.3.5.1 * gstreamer-utils-debuginfo-1.22.0-150500.3.5.1 * gstreamer-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-1.22.0-150500.3.5.1 * typelib-1_0-Gst-1_0-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-debuginfo-1.22.0-150500.3.5.1 * gstreamer-debuginfo-1.22.0-150500.3.5.1 * gstreamer-debugsource-1.22.0-150500.3.5.1 * gstreamer-utils-1.22.0-150500.3.5.1 * openSUSE Leap 15.5 (x86_64) * gstreamer-32bit-debuginfo-1.22.0-150500.3.5.1 * gstreamer-32bit-1.22.0-150500.3.5.1 * typelib-1_0-Gst-1_0-32bit-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-32bit-1.22.0-150500.3.5.1 * gstreamer-devel-32bit-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-32bit-debuginfo-1.22.0-150500.3.5.1 * openSUSE Leap 15.5 (noarch) * gstreamer-lang-1.22.0-150500.3.5.1 * openSUSE Leap 15.5 (aarch64_ilp32) * gstreamer-devel-64bit-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-64bit-1.22.0-150500.3.5.1 * gstreamer-64bit-1.22.0-150500.3.5.1 * gstreamer-64bit-debuginfo-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-64bit-debuginfo-1.22.0-150500.3.5.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * gstreamer-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-debuginfo-1.22.0-150500.3.5.1 * 
gstreamer-debuginfo-1.22.0-150500.3.5.1 * gstreamer-debugsource-1.22.0-150500.3.5.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * gstreamer-devel-1.22.0-150500.3.5.1 * gstreamer-utils-debuginfo-1.22.0-150500.3.5.1 * gstreamer-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-1.22.0-150500.3.5.1 * typelib-1_0-Gst-1_0-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-debuginfo-1.22.0-150500.3.5.1 * gstreamer-debuginfo-1.22.0-150500.3.5.1 * gstreamer-debugsource-1.22.0-150500.3.5.1 * gstreamer-utils-1.22.0-150500.3.5.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * gstreamer-lang-1.22.0-150500.3.5.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * gstreamer-devel-1.22.0-150500.3.5.1 * gstreamer-utils-debuginfo-1.22.0-150500.3.5.1 * gstreamer-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-1.22.0-150500.3.5.1 * typelib-1_0-Gst-1_0-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-debuginfo-1.22.0-150500.3.5.1 * gstreamer-debuginfo-1.22.0-150500.3.5.1 * gstreamer-debugsource-1.22.0-150500.3.5.1 * gstreamer-utils-1.22.0-150500.3.5.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * gstreamer-lang-1.22.0-150500.3.5.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * gstreamer-devel-1.22.0-150500.3.5.1 * gstreamer-utils-debuginfo-1.22.0-150500.3.5.1 * gstreamer-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-1.22.0-150500.3.5.1 * typelib-1_0-Gst-1_0-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-debuginfo-1.22.0-150500.3.5.1 * gstreamer-debuginfo-1.22.0-150500.3.5.1 * gstreamer-debugsource-1.22.0-150500.3.5.1 * gstreamer-utils-1.22.0-150500.3.5.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * gstreamer-lang-1.22.0-150500.3.5.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * gstreamer-devel-1.22.0-150500.3.5.1 * gstreamer-utils-debuginfo-1.22.0-150500.3.5.1 * gstreamer-1.22.0-150500.3.5.1 * libgstreamer-1_0-0-1.22.0-150500.3.5.1 * 
typelib-1_0-Gst-1_0-1.22.0-150500.3.5.1
  * libgstreamer-1_0-0-debuginfo-1.22.0-150500.3.5.1
  * gstreamer-debuginfo-1.22.0-150500.3.5.1
  * gstreamer-debugsource-1.22.0-150500.3.5.1
  * gstreamer-utils-1.22.0-150500.3.5.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
  * gstreamer-lang-1.22.0-150500.3.5.1

## References:

* https://www.suse.com/security/cve/CVE-2024-47606.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234449

From null at suse.de Thu Jan 9 20:30:37 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 09 Jan 2025 20:30:37 -0000
Subject: SUSE-SU-2025:0052-1: important: Security update for gstreamer-plugins-base
Message-ID: <173645463746.16729.8751473447997402893@smelt2.prg2.suse.org>

# Security update for gstreamer-plugins-base

Announcement ID: SUSE-SU-2025:0052-1
Release Date: 2025-01-09T16:35:43Z
Rating: important

References:

* bsc#1234415
* bsc#1234447
* bsc#1234450
* bsc#1234455
* bsc#1234456
* bsc#1234459
* bsc#1234460

Cross-References:

* CVE-2024-47538
* CVE-2024-47541
* CVE-2024-47542
* CVE-2024-47607
* CVE-2024-47613
* CVE-2024-47615
* CVE-2024-47835

CVSS scores:

* CVE-2024-47538 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47538 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47538 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47541 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47541 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-47541 ( NVD ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47541 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47542 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47542 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47542 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47607 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47607 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47613 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47613 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47613 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47615 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47615 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47615 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47835 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47835 ( NVD ): 7.5 
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves seven vulnerabilities can now be installed. ## Description: This update for gstreamer-plugins-base fixes the following issues: * CVE-2024-47538: Fixed a stack-buffer overflow in vorbis_handle_identification_packet. (bsc#1234415) * CVE-2024-47835: Fixed a NULL-pointer dereference in LRC subtitle parser. (bsc#1234450) * CVE-2024-47615: Fixed an out-of-bounds write in Ogg demuxer. (bsc#1234456) * CVE-2024-47541: Fixed an out-of-bounds write in SSA subtitle parser. (bsc#1234459) * CVE-2024-47542: Fixed an ID3v2 parser out-of-bounds read and NULL-pointer dereference. (bsc#1234460) * CVE-2024-47613: Fixed a NULL-pointer dereference in gdk-pixbuf decoder. (boo#1234447) * CVE-2024-47607: Fixed a stack buffer-overflow in Opus decoder. (bsc#1234455) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-52=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-52=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libgstallocators-1_0-0-1.8.3-13.18.1 * gstreamer-plugins-base-1.8.3-13.18.1 * gstreamer-plugins-base-debugsource-1.8.3-13.18.1 * gstreamer-plugins-base-debuginfo-1.8.3-13.18.1 * libgstapp-1_0-0-1.8.3-13.18.1 * libgstallocators-1_0-0-debuginfo-1.8.3-13.18.1 * libgstfft-1_0-0-1.8.3-13.18.1 * libgstapp-1_0-0-debuginfo-1.8.3-13.18.1 * libgstvideo-1_0-0-1.8.3-13.18.1 * libgstvideo-1_0-0-debuginfo-1.8.3-13.18.1 * libgstriff-1_0-0-1.8.3-13.18.1 * libgstaudio-1_0-0-debuginfo-1.8.3-13.18.1 * libgsttag-1_0-0-1.8.3-13.18.1 * libgstaudio-1_0-0-1.8.3-13.18.1 * libgstrtp-1_0-0-debuginfo-1.8.3-13.18.1 * libgstfft-1_0-0-debuginfo-1.8.3-13.18.1 * libgstsdp-1_0-0-debuginfo-1.8.3-13.18.1 * libgstpbutils-1_0-0-1.8.3-13.18.1 * libgstrtp-1_0-0-1.8.3-13.18.1 * gstreamer-plugins-base-devel-1.8.3-13.18.1 * libgstsdp-1_0-0-1.8.3-13.18.1 * libgstrtsp-1_0-0-1.8.3-13.18.1 * libgsttag-1_0-0-debuginfo-1.8.3-13.18.1 * libgstpbutils-1_0-0-debuginfo-1.8.3-13.18.1 * libgstrtsp-1_0-0-debuginfo-1.8.3-13.18.1 * libgstriff-1_0-0-debuginfo-1.8.3-13.18.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * gstreamer-plugins-base-lang-1.8.3-13.18.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libgsttag-1_0-0-debuginfo-32bit-1.8.3-13.18.1 * libgstvideo-1_0-0-debuginfo-32bit-1.8.3-13.18.1 * libgstaudio-1_0-0-32bit-1.8.3-13.18.1 * libgstpbutils-1_0-0-debuginfo-32bit-1.8.3-13.18.1 * libgstapp-1_0-0-debuginfo-32bit-1.8.3-13.18.1 * gstreamer-plugins-base-debuginfo-32bit-1.8.3-13.18.1 * libgstvideo-1_0-0-32bit-1.8.3-13.18.1 * libgstaudio-1_0-0-debuginfo-32bit-1.8.3-13.18.1 * 
libgstpbutils-1_0-0-32bit-1.8.3-13.18.1 * libgsttag-1_0-0-32bit-1.8.3-13.18.1 * libgstapp-1_0-0-32bit-1.8.3-13.18.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libgstallocators-1_0-0-1.8.3-13.18.1 * gstreamer-plugins-base-1.8.3-13.18.1 * gstreamer-plugins-base-debuginfo-32bit-1.8.3-13.18.1 * gstreamer-plugins-base-debugsource-1.8.3-13.18.1 * libgstvideo-1_0-0-32bit-1.8.3-13.18.1 * libgstaudio-1_0-0-debuginfo-32bit-1.8.3-13.18.1 * gstreamer-plugins-base-debuginfo-1.8.3-13.18.1 * libgstapp-1_0-0-1.8.3-13.18.1 * libgstapp-1_0-0-32bit-1.8.3-13.18.1 * libgstallocators-1_0-0-debuginfo-1.8.3-13.18.1 * libgstfft-1_0-0-1.8.3-13.18.1 * libgstapp-1_0-0-debuginfo-1.8.3-13.18.1 * libgstaudio-1_0-0-32bit-1.8.3-13.18.1 * libgsttag-1_0-0-debuginfo-32bit-1.8.3-13.18.1 * libgstvideo-1_0-0-1.8.3-13.18.1 * libgstvideo-1_0-0-debuginfo-1.8.3-13.18.1 * libgstapp-1_0-0-debuginfo-32bit-1.8.3-13.18.1 * libgstriff-1_0-0-1.8.3-13.18.1 * libgstaudio-1_0-0-debuginfo-1.8.3-13.18.1 * libgsttag-1_0-0-1.8.3-13.18.1 * libgstaudio-1_0-0-1.8.3-13.18.1 * libgstfft-1_0-0-debuginfo-1.8.3-13.18.1 * libgstrtp-1_0-0-debuginfo-1.8.3-13.18.1 * libgstsdp-1_0-0-debuginfo-1.8.3-13.18.1 * libgstpbutils-1_0-0-1.8.3-13.18.1 * libgstrtp-1_0-0-1.8.3-13.18.1 * gstreamer-plugins-base-devel-1.8.3-13.18.1 * libgstsdp-1_0-0-1.8.3-13.18.1 * libgstrtsp-1_0-0-1.8.3-13.18.1 * libgstpbutils-1_0-0-32bit-1.8.3-13.18.1 * libgstvideo-1_0-0-debuginfo-32bit-1.8.3-13.18.1 * libgsttag-1_0-0-debuginfo-1.8.3-13.18.1 * libgstpbutils-1_0-0-debuginfo-32bit-1.8.3-13.18.1 * libgstpbutils-1_0-0-debuginfo-1.8.3-13.18.1 * libgstrtsp-1_0-0-debuginfo-1.8.3-13.18.1 * libgsttag-1_0-0-32bit-1.8.3-13.18.1 * libgstriff-1_0-0-debuginfo-1.8.3-13.18.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * gstreamer-plugins-base-lang-1.8.3-13.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47538.html * https://www.suse.com/security/cve/CVE-2024-47541.html * 
https://www.suse.com/security/cve/CVE-2024-47542.html
* https://www.suse.com/security/cve/CVE-2024-47607.html
* https://www.suse.com/security/cve/CVE-2024-47613.html
* https://www.suse.com/security/cve/CVE-2024-47615.html
* https://www.suse.com/security/cve/CVE-2024-47835.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234415
* https://bugzilla.suse.com/show_bug.cgi?id=1234447
* https://bugzilla.suse.com/show_bug.cgi?id=1234450
* https://bugzilla.suse.com/show_bug.cgi?id=1234455
* https://bugzilla.suse.com/show_bug.cgi?id=1234456
* https://bugzilla.suse.com/show_bug.cgi?id=1234459
* https://bugzilla.suse.com/show_bug.cgi?id=1234460

From null at suse.de Thu Jan 9 20:30:39 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 09 Jan 2025 20:30:39 -0000
Subject: SUSE-SU-2025:0051-1: important: Security update for gstreamer
Message-ID: <173645463948.16729.13591125867144495302@smelt2.prg2.suse.org>

# Security update for gstreamer

Announcement ID: SUSE-SU-2025:0051-1
Release Date: 2025-01-09T16:35:28Z
Rating: important

References:

* bsc#1234449

Cross-References:

* CVE-2024-47606

CVSS scores:

* CVE-2024-47606 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47606 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.
## Description:

This update for gstreamer fixes the following issues:

* CVE-2024-47606: Fixed integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. (boo#1234449)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-51=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-51=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * libgstreamer-1_0-0-1.8.3-10.12.1
  * libgstreamer-1_0-0-debuginfo-1.8.3-10.12.1
  * gstreamer-utils-1.8.3-10.12.1
  * gstreamer-devel-1.8.3-10.12.1
  * gstreamer-1.8.3-10.12.1
  * gstreamer-debuginfo-1.8.3-10.12.1
  * gstreamer-utils-debuginfo-1.8.3-10.12.1
  * typelib-1_0-Gst-1_0-1.8.3-10.12.1
  * gstreamer-debugsource-1.8.3-10.12.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
  * gstreamer-lang-1.8.3-10.12.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
  * libgstreamer-1_0-0-32bit-1.8.3-10.12.1
  * libgstreamer-1_0-0-debuginfo-32bit-1.8.3-10.12.1
  * gstreamer-debuginfo-32bit-1.8.3-10.12.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * gstreamer-debuginfo-32bit-1.8.3-10.12.1
  * libgstreamer-1_0-0-1.8.3-10.12.1
  * libgstreamer-1_0-0-32bit-1.8.3-10.12.1
  * libgstreamer-1_0-0-debuginfo-32bit-1.8.3-10.12.1
  * libgstreamer-1_0-0-debuginfo-1.8.3-10.12.1
  * gstreamer-utils-1.8.3-10.12.1
  * gstreamer-devel-1.8.3-10.12.1
  * gstreamer-1.8.3-10.12.1
  * gstreamer-debuginfo-1.8.3-10.12.1
  * gstreamer-utils-debuginfo-1.8.3-10.12.1
  * typelib-1_0-Gst-1_0-1.8.3-10.12.1
  * gstreamer-debugsource-1.8.3-10.12.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
  * gstreamer-lang-1.8.3-10.12.1

## References:

* https://www.suse.com/security/cve/CVE-2024-47606.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234449

From null at suse.de Thu Jan 9 20:30:47 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 09 Jan 2025 20:30:47 -0000
Subject: SUSE-SU-2025:0050-1: moderate: Security update for libmfx
Message-ID: <173645464711.16729.15389281504104052667@smelt2.prg2.suse.org>

# Security update for libmfx

Announcement ID: SUSE-SU-2025:0050-1
Release Date: 2025-01-09T16:07:03Z
Rating: moderate

References:

* bsc#1219494
* bsc#1226892
* bsc#1226897
* bsc#1226898
* bsc#1226899
* bsc#1226900
* bsc#1226901
* jsc#PED-10024

Cross-References:

* CVE-2023-22656
* CVE-2023-45221
* CVE-2023-47169
* CVE-2023-47282
* CVE-2023-48368

CVSS scores:

* CVE-2023-22656 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
* CVE-2023-45221 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
* CVE-2023-47169 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-47282 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
* CVE-2023-48368 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves five vulnerabilities, contains one feature and has two security fixes can now be installed.

## Description:

This update for libmfx fixes the following issues:

* CVE-2023-48368: Fixed improper input validation. (bsc#1226897)
* CVE-2023-45221: Fixed improper buffer restrictions. (bsc#1226898)
* CVE-2023-22656: Fixed an out-of-bounds read. (bsc#1226899)
* CVE-2023-47282: Fixed an out-of-bounds write. (bsc#1226900)
* CVE-2023-47169: Fixed improper buffer restrictions. (bsc#1226901)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-50=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-50=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-50=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-50=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-50=1

## Package List:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
  * libmfx1-debuginfo-21.3.4-150400.3.5.1
  * libmfx1-21.3.4-150400.3.5.1
  * libmfx-debugsource-21.3.4-150400.3.5.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
  * libmfx1-debuginfo-21.3.4-150400.3.5.1
  * libmfx1-21.3.4-150400.3.5.1
  * libmfx-debugsource-21.3.4-150400.3.5.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64)
  * libmfx1-debuginfo-21.3.4-150400.3.5.1
  * libmfx1-21.3.4-150400.3.5.1
  * libmfx-debugsource-21.3.4-150400.3.5.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
  * libmfx1-debuginfo-21.3.4-150400.3.5.1
  * libmfx1-21.3.4-150400.3.5.1
  * libmfx-debugsource-21.3.4-150400.3.5.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
  * libmfx1-debuginfo-21.3.4-150400.3.5.1
  * libmfx1-21.3.4-150400.3.5.1
  * libmfx-debugsource-21.3.4-150400.3.5.1

## References:

* https://www.suse.com/security/cve/CVE-2023-22656.html
* https://www.suse.com/security/cve/CVE-2023-45221.html
* https://www.suse.com/security/cve/CVE-2023-47169.html
* https://www.suse.com/security/cve/CVE-2023-47282.html
* https://www.suse.com/security/cve/CVE-2023-48368.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219494
* https://bugzilla.suse.com/show_bug.cgi?id=1226892
* https://bugzilla.suse.com/show_bug.cgi?id=1226897
* https://bugzilla.suse.com/show_bug.cgi?id=1226898
* https://bugzilla.suse.com/show_bug.cgi?id=1226899
* https://bugzilla.suse.com/show_bug.cgi?id=1226900
* https://bugzilla.suse.com/show_bug.cgi?id=1226901
* https://jira.suse.com/browse/PED-10024

From null at suse.de Fri Jan 10 08:30:03 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 10 Jan 2025 08:30:03 -0000
Subject: SUSE-SU-2025:0059-1: important: Security update for MozillaFirefox
Message-ID: <173649780342.16706.15998958059896790916@smelt2.prg2.suse.org>

# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2025:0059-1
Release Date: 2025-01-10T07:37:11Z
Rating: important

References:

* bsc#1234991

Cross-References:

* CVE-2025-0237
* CVE-2025-0238
* CVE-2025-0239
* CVE-2025-0240
* CVE-2025-0241
* CVE-2025-0242
* CVE-2025-0243

CVSS scores:

* CVE-2025-0237 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-0237 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-0238 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-0238 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-0239 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-0239 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-0240 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-0240 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-0242 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-0242 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-0243 ( SUSE ):
5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-0243 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves seven vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 128.6.0 ESR * Fixed: Various security fixes. 
MFSA 2025-02 (bsc#1234991)
* CVE-2025-0237 (bmo#1915257) WebChannel APIs susceptible to confused deputy attack
* CVE-2025-0238 (bmo#1915535) Use-after-free when breaking lines
* CVE-2025-0239 (bmo#1929156) Alt-Svc ALPN validation failure when redirected
* CVE-2025-0240 (bmo#1929623) Compartment mismatch when parsing JavaScript JSON module
* CVE-2025-0241 (bmo#1933023) Memory corruption when using JavaScript Text Segmentation
* CVE-2025-0242 (bmo#1874523, bmo#1926454, bmo#1931873, bmo#1932169) Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6
* CVE-2025-0243 (bmo#1827142, bmo#1932783) Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6
* Firefox Extended Support Release 128.5.2 ESR
* Fixed: Fixed a crash experienced by Windows users with Qihoo 360 Total Security Antivirus software installed (bmo#1934258)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-59=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-59=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-59=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-59=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-59=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-59=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-59=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-59=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-59=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-59=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-59=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-59=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-59=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-59=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-59=1 ## Package List: * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * 
MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * MozillaFirefox-devel-128.6.0-150200.152.167.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * MozillaFirefox-devel-128.6.0-150200.152.167.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * MozillaFirefox-devel-128.6.0-150200.152.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-128.6.0-150200.152.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * 
MozillaFirefox-devel-128.6.0-150200.152.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * MozillaFirefox-devel-128.6.0-150200.152.167.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-128.6.0-150200.152.167.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * MozillaFirefox-branding-upstream-128.6.0-150200.152.167.1 * MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * openSUSE Leap 15.6 (noarch) * MozillaFirefox-devel-128.6.0-150200.152.167.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * Desktop Applications Module 15-SP6 (noarch) * MozillaFirefox-devel-128.6.0-150200.152.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * 
MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-128.6.0-150200.152.167.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * MozillaFirefox-devel-128.6.0-150200.152.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-128.6.0-150200.152.167.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * MozillaFirefox-devel-128.6.0-150200.152.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * 
MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * MozillaFirefox-devel-128.6.0-150200.152.167.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * MozillaFirefox-debugsource-128.6.0-150200.152.167.1 * MozillaFirefox-translations-common-128.6.0-150200.152.167.1 * MozillaFirefox-128.6.0-150200.152.167.1 * MozillaFirefox-debuginfo-128.6.0-150200.152.167.1 * MozillaFirefox-translations-other-128.6.0-150200.152.167.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * MozillaFirefox-devel-128.6.0-150200.152.167.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0237.html * https://www.suse.com/security/cve/CVE-2025-0238.html * https://www.suse.com/security/cve/CVE-2025-0239.html * https://www.suse.com/security/cve/CVE-2025-0240.html * https://www.suse.com/security/cve/CVE-2025-0241.html * https://www.suse.com/security/cve/CVE-2025-0242.html * https://www.suse.com/security/cve/CVE-2025-0243.html * https://bugzilla.suse.com/show_bug.cgi?id=1234991 -------------- next part -------------- An HTML attachment was scrubbed... 
From null at suse.de Fri Jan 10 08:30:12 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 10 Jan 2025 08:30:12 -0000
Subject: SUSE-SU-2025:0058-1: important: Security update for tomcat
Message-ID: <173649781260.16706.10551627880937077160@smelt2.prg2.suse.org>

# Security update for tomcat

Announcement ID: SUSE-SU-2025:0058-1
Release Date: 2025-01-10T07:35:34Z
Rating: important

References:
* bsc#1233435
* bsc#1234663
* bsc#1234664

Cross-References:
* CVE-2024-50379
* CVE-2024-52317
* CVE-2024-54677

CVSS scores:
* CVE-2024-50379 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-50379 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50379 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-52317 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-52317 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-52317 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-54677 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-54677 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-54677 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE
  Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Server 4.3
* Web and Scripting Module 15-SP6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for tomcat fixes the following issues:

Update to Tomcat 9.0.98

* Fixed CVEs:
  * CVE-2024-54677: DoS in examples web application (bsc#1234664)
  * CVE-2024-50379: RCE due to TOCTOU issue in JSP compilation (bsc#1234663)
  * CVE-2024-52317: Request/response mix-up with HTTP/2 (bsc#1233435)
* Catalina
  * Add: Add option to serve resources from subpath only with WebDAV Servlet like with DefaultServlet. (michaelo)
  * Fix: Add special handling for the protocols attribute of SSLHostConfig in storeconfig. (remm)
  * Fix: 69442: Fix case sensitive check on content-type when parsing request parameters. (remm)
  * Code: Refactor duplicate code for extracting media type and subtype from content-type into a single method. (markt)
  * Fix: Compatibility of generated embedded code with components where constructors or property related methods throw a checked exception. (remm)
  * Fix: The previous fix for inconsistent resource metadata during concurrent reads and writes was incomplete. (markt)
  * Fix: 69444: Ensure that the javax.servlet.error.message request attribute is set when an application defined error page is called. (markt)
  * Fix: Avoid quotes for numeric values in the JSON generated by the status servlet. (remm)
  * Add: Add strong ETag support for the WebDAV and default servlet, which can be enabled by using the useStrongETags init parameter with a value set to true. The ETag generated will be a SHA-1 checksum of the resource content. (remm)
  * Fix: Use client locale for directory listings.
    (remm)
  * Fix: 69439: Improve the handling of multiple Cache-Control headers in the ExpiresFilter. Based on pull request #777 by Chenjp. (markt)
  * Fix: 69447: Update the support for caching classes the web application class loader cannot find to take account of classes loaded from external repositories. Prior to this fix, these classes could be incorrectly marked as not found. (markt)
  * Fix: 69466: Rework handling of HEAD requests. Headers explicitly set by users will not be removed and any header present in a HEAD request will also be present in the equivalent GET request. There may be some headers, as per RFC 9110, section 9.3.2, that are present in a GET request that are not present in the equivalent HEAD request. (markt)
  * Fix: 69471: Log instances of CloseNowException caught by ApplicationDispatcher.invoke() at debug level rather than error level as they are very likely to have been caused by a client disconnection or similar I/O issue. (markt)
  * Add: Add a test case for the fix for 69442. Also refactor references to application/x-www-form-urlencoded. Based on pull request #779 by Chenjp. (markt)
  * Fix: 69476: Catch possible ISE when trying to report PUT failure in the DefaultServlet. (remm)
  * Add: Add support for RateLimit header fields for HTTP (draft) in the RateLimitFilter. Based on pull request #775 provided by Chenjp. (markt)
  * Add: #787: Add regression tests for 69478. Pull request provided by Thomas Krisch. (markt)
  * Fix: The default servlet now rejects HTTP range requests when two or more of the requested ranges overlap. Based on pull request #782 provided by Chenjp. (markt)
  * Fix: Enhance Content-Range verification for partial PUT requests handled by the default servlet. Provided by Chenjp in pull request #778. (markt)
  * Fix: Harmonize DataSourceStore lookup in the global resources to optionally avoid the comp/env prefix which is usually not used there.
    (remm)
  * Fix: As required by RFC 9110, the HTTP Range header will now only be processed for GET requests. Based on pull request #790 provided by Chenjp. (markt)
  * Fix: Deprecate the useAcceptRanges initialisation parameter for the default servlet. It will be removed in Tomcat 12 onwards where it will effectively be hard coded to true. (markt)
  * Add: Add DataSource based property storage for the WebdavServlet. (remm)
* Coyote
  * Fix: Align encodedSolidusHandling with the Servlet specification. If the pass-through mode is used, any %25 sequences will now also be passed through to avoid errors and/or corruption when the application decodes the path. (markt)
* Jasper
  * Fix: Further optimise EL evaluation of method parameters. Patch provided by Paolo B. (markt)
  * Fix: Follow-up to the fix for 69381. Apply the optimisation for method lookup performance in expression language to an additional location. (markt)
* Web applications
  * Fix: Documentation. Remove references to the ResourceParams element. Support for ResourceParams was removed in Tomcat 5.5.x. (markt)
  * Fix: Documentation. 69477: Correct name of attribute for RemoteIPFilter. The attribute is internalProxies rather than allowedInternalProxies. Pull request #786 (markt)
  * Fix: Examples. Fix broken links when Servlet Request Info example is called via a URL that includes a pathInfo component. (markt)
  * Fix: Examples. Expand the obfuscation of session cookie values in the request header example to JSON responses. (markt)
  * Add: Examples. Add the ability to delete session attributes in the servlet session example. (markt)
  * Add: Examples. Add a hard coded limit of 10 attributes per session for the servlet session example. (markt)
  * Add: Examples. Add the ability to delete session attributes and add a hard coded limit of 10 attributes per session for the JSP form authentication example. (markt)
  * Add: Examples. Limit the shopping cart example to only allow adding the pre-defined items to the cart.
    (markt)
  * Fix: Examples. Remove JSP calendar example. (markt)
* Other
  * Fix: 69465: Fix warnings during native image compilation using the Tomcat embedded JARs. (markt)
  * Update: Update Tomcat's fork of Commons DBCP to 2.13.0. (markt)
  * Update: Update EasyMock to 5.5.0. (markt)
  * Update: Update Checkstyle to 10.20.2. (markt)
  * Update: Update BND to 7.1.0. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Korean translations. (markt)
  * Add: Improvements to Chinese translations. (markt)
  * Add: Improvements to Japanese translations by tak7iji. (markt)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-58=1
* Web and Scripting Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-58=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-58=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-58=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-58=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-58=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-58=1
* SUSE Linux Enterprise Server 15 SP3 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-58=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-58=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-58=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch
SUSE-SLE-Product-SLES_SAP-15-SP3-2025-58=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-58=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-58=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-58=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-58=1 ## Package List: * openSUSE Leap 15.6 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-docs-webapp-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-embed-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * tomcat-jsvc-9.0.98-150200.74.1 * tomcat-javadoc-9.0.98-150200.74.1 * Web and Scripting Module 15-SP6 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * 
tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * 
tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Manager Server 4.3 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Enterprise Storage 7.1 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50379.html * https://www.suse.com/security/cve/CVE-2024-52317.html * https://www.suse.com/security/cve/CVE-2024-54677.html * https://bugzilla.suse.com/show_bug.cgi?id=1233435 * https://bugzilla.suse.com/show_bug.cgi?id=1234663 * https://bugzilla.suse.com/show_bug.cgi?id=1234664 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Fri Jan 10 12:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 Jan 2025 12:30:09 -0000 Subject: SUSE-SU-2025:0060-1: moderate: Security update for govulncheck-vulndb Message-ID: <173651220944.16706.2089540219683388568@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2025:0060-1 Release Date: 2025-01-10T11:33:34Z Rating: moderate References: * jsc#PED-11136 Cross-References: * CVE-2024-12678 * CVE-2024-25131 * CVE-2024-25133 * CVE-2024-28892 * CVE-2024-43803 * CVE-2024-45338 * CVE-2024-45387 * CVE-2024-54148 * CVE-2024-55196 * CVE-2024-55947 * CVE-2024-56362 * CVE-2024-56513 * CVE-2024-56514 * CVE-2024-9779 * CVE-2025-21609 * CVE-2025-21613 * CVE-2025-21614 * CVE-2025-22130 CVSS scores: * CVE-2024-12678 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12678 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12678 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-25131 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-25133 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-28892 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45338 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45338 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45338 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-45387 ( NVD ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-54148 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-54148 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-55196 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-55947 ( NVD ): 8.7 
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-56362 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-56513 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-56514 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-9779 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N * CVE-2025-21609 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-21613 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21613 ( NVD ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear * CVE-2025-21613 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21614 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21614 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22130 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves 18 vulnerabilities and contains one feature can now be installed. 
## Description:

This update for govulncheck-vulndb fixes the following issues:

* Update to version 0.0.20250108T191942 2025-01-08T19:19:42Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:
  * GO-2025-3371 GHSA-2r2v-9pf8-6342
  * GO-2025-3374 CVE-2025-22130 GHSA-j4jw-m6xr-fv6c
* Update to version 0.0.20250107T160406 2025-01-07T16:04:06Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:
  * GO-2025-3363 GO-2025-3364 GO-2025-3367 GO-2025-3368
  * GO-2024-3355 CVE-2024-54148 GHSA-r7j8-5h9c-f6fx
  * GO-2024-3356 CVE-2024-55947 GHSA-qf5v-rp47-55gg
  * GO-2024-3357 CVE-2024-56362 GHSA-xwx7-p63r-2rj8
  * GO-2024-3358 CVE-2024-45387 GHSA-vq94-9pfv-ccqr
  * GO-2024-3359 CVE-2024-28892 GHSA-5qww-56gc-f66c
  * GO-2024-3360 CVE-2024-25133 GHSA-wgqq-9qh8-wvqv
  * GO-2025-3361 CVE-2024-55196 GHSA-rv83-h68q-c4wq
  * GO-2025-3362 CVE-2025-21609 GHSA-8fx8-pffw-w498
  * GO-2025-3363 CVE-2024-56514 GHSA-cwrh-575j-8vr3
  * GO-2025-3364 CVE-2024-56513 GHSA-mg7w-c9x2-xh7r
  * GO-2025-3367 CVE-2025-21614 GHSA-r9px-m959-cxf4
  * GO-2025-3368 CVE-2025-21613 GHSA-v725-9546-7q7m
* Update to version 0.0.20241220T214820 2024-12-20T21:48:20Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:
  * GO-2024-3101 GHSA-75qh-gg76-p2w4
  * GO-2024-3339 GHSA-8wcc-m6j2-qxvm
* Update to version 0.0.20241220T203729 2024-12-20T20:37:29Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:
  * GO-2024-3101 GHSA-75qh-gg76-p2w4
  * GO-2024-3109 CVE-2024-43803 GHSA-pqfh-xh7w-7h3p
  * GO-2024-3333 CVE-2024-45338 GHSA-w32m-9786-jp63
  * GO-2024-3342 GHSA-hxr6-2p24-hf98
  * GO-2024-3343 CVE-2024-9779 GHSA-jhh6-6fhp-q2xp
  * GO-2024-3344 GHSA-32gq-x56h-299c
  * GO-2024-3349 CVE-2024-25131 GHSA-77c2-c35q-254w
  * GO-2024-3350 GHSA-5pf6-cq2v-23ww
  * GO-2024-3354 CVE-2024-12678 GHSA-hr68-hvgv-xxqf

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Package Hub 15 15-SP6
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-60=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-60=1

## Package List:

* SUSE Package Hub 15 15-SP6 (noarch)
  * govulncheck-vulndb-0.0.20250108T191942-150000.1.26.1
* openSUSE Leap 15.6 (noarch)
  * govulncheck-vulndb-0.0.20250108T191942-150000.1.26.1

## References:

* https://www.suse.com/security/cve/CVE-2024-12678.html
* https://www.suse.com/security/cve/CVE-2024-25131.html
* https://www.suse.com/security/cve/CVE-2024-25133.html
* https://www.suse.com/security/cve/CVE-2024-28892.html
* https://www.suse.com/security/cve/CVE-2024-43803.html
* https://www.suse.com/security/cve/CVE-2024-45338.html
* https://www.suse.com/security/cve/CVE-2024-45387.html
* https://www.suse.com/security/cve/CVE-2024-54148.html
* https://www.suse.com/security/cve/CVE-2024-55196.html
* https://www.suse.com/security/cve/CVE-2024-55947.html
* https://www.suse.com/security/cve/CVE-2024-56362.html
* https://www.suse.com/security/cve/CVE-2024-56513.html
* https://www.suse.com/security/cve/CVE-2024-56514.html
* https://www.suse.com/security/cve/CVE-2024-9779.html
* https://www.suse.com/security/cve/CVE-2025-21609.html
* https://www.suse.com/security/cve/CVE-2025-21613.html
* https://www.suse.com/security/cve/CVE-2025-21614.html
* https://www.suse.com/security/cve/CVE-2025-22130.html
* https://jira.suse.com/browse/PED-11136
From null at suse.de Fri Jan 10 16:30:05 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 10 Jan 2025 16:30:05 -0000
Subject: SUSE-SU-2025:0066-1: moderate: Security update for apptainer
Message-ID: <173652660519.16729.7637213355036856627@smelt2.prg2.suse.org>

# Security update for apptainer

Announcement ID: SUSE-SU-2025:0066-1
Release Date: 2025-01-10T14:49:16Z
Rating: moderate

References:
* bsc#1235211

Cross-References:
* CVE-2024-28180

CVSS scores:
* CVE-2024-28180 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-28180 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected Products:
* HPC Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for apptainer fixes the following issues:

* Update to version 1.3.6
  * CVE-2024-28180: Fixed an improper handling of highly compressed data in go-jose. (bsc#1235211)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-66=1 openSUSE-SLE-15.6-2025-66=1
* HPC Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-66=1

## Package List:

* openSUSE Leap 15.6 (aarch64 x86_64)
  * apptainer-debuginfo-1.3.6-150600.4.3.1
  * apptainer-1.3.6-150600.4.3.1
* openSUSE Leap 15.6 (noarch)
  * apptainer-sle15_6-1.3.6-150600.4.3.1
  * apptainer-sle15_5-1.3.6-150600.4.3.1
  * apptainer-leap-1.3.6-150600.4.3.1
  * apptainer-sle15_7-1.3.6-150600.4.3.1
* HPC Module 15-SP6 (aarch64 x86_64)
  * apptainer-debuginfo-1.3.6-150600.4.3.1
  * apptainer-1.3.6-150600.4.3.1
* HPC Module 15-SP6 (noarch)
  * apptainer-sle15_6-1.3.6-150600.4.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-28180.html
* https://bugzilla.suse.com/show_bug.cgi?id=1235211

From null at suse.de Fri Jan 10 16:30:14 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 10 Jan 2025 16:30:14 -0000
Subject: SUSE-SU-2025:0065-1: important: Security update for gstreamer-plugins-base
Message-ID: <173652661469.16729.2541700512977373143@smelt2.prg2.suse.org>

# Security update for gstreamer-plugins-base

Announcement ID: SUSE-SU-2025:0065-1
Release Date: 2025-01-10T14:42:42Z
Rating: important

References:
* bsc#1234415
* bsc#1234450
* bsc#1234453
* bsc#1234455
* bsc#1234456
* bsc#1234459
* bsc#1234460

Cross-References:
* CVE-2024-47538
* CVE-2024-47541
* CVE-2024-47542
* CVE-2024-47600
* CVE-2024-47607
* CVE-2024-47615
* CVE-2024-47835

CVSS scores:
* CVE-2024-47538 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47538 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47538 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47541 ( SUSE ): 6.9
  CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47541 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-47541 ( NVD ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47541 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47542 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47542 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47542 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47600 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-47600 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47600 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-47607 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47607 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47615 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47615 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47615 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47835 ( SUSE ): 5.5
  CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47835 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47835 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves seven vulnerabilities can now be installed.

## Description:

This update for gstreamer-plugins-base fixes the following issues:

* CVE-2024-47538: Fixed a stack-buffer overflow in vorbis_handle_identification_packet. (bsc#1234415)
* CVE-2024-47835: Fixed a NULL-pointer dereference in LRC subtitle parser. (bsc#1234450)
* CVE-2024-47600: Fixed an out-of-bounds read in gst-discoverer-1.0 commandline tool. (bsc#1234453)
* CVE-2024-47615: Fixed an out-of-bounds write in Ogg demuxer. (bsc#1234456)
* CVE-2024-47541: Fixed an out-of-bounds write in SSA subtitle parser. (bsc#1234459)
* CVE-2024-47542: Fixed an ID3v2 parser out-of-bounds read and NULL-pointer dereference. (bsc#1234460)
* CVE-2024-47607: Fixed a stack buffer-overflow in Opus decoder. (bsc#1234455)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-65=1 openSUSE-SLE-15.6-2025-65=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-65=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-65=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libgstapp-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstfft-1_0-0-1.24.0-150600.3.8.1 * libgstpbutils-1_0-0-debuginfo-1.24.0-150600.3.8.1 * gstreamer-plugins-base-debugsource-1.24.0-150600.3.8.1 * typelib-1_0-GstSdp-1_0-1.24.0-150600.3.8.1 * typelib-1_0-GstPbutils-1_0-1.24.0-150600.3.8.1 * typelib-1_0-GstGL-1_0-1.24.0-150600.3.8.1 * libgstaudio-1_0-0-1.24.0-150600.3.8.1 * typelib-1_0-GstAudio-1_0-1.24.0-150600.3.8.1 * typelib-1_0-GstTag-1_0-1.24.0-150600.3.8.1 * libgstrtsp-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstaudio-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstgl-1_0-0-debuginfo-1.24.0-150600.3.8.1 * typelib-1_0-GstGLX11-1_0-1.24.0-150600.3.8.1 * libgstsdp-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstpbutils-1_0-0-1.24.0-150600.3.8.1 * libgstallocators-1_0-0-1.24.0-150600.3.8.1 * libgstfft-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstrtp-1_0-0-1.24.0-150600.3.8.1 * gstreamer-plugins-base-debuginfo-1.24.0-150600.3.8.1 * libgsttag-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstallocators-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstvideo-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstvideo-1_0-0-1.24.0-150600.3.8.1 * gstreamer-plugins-base-devel-1.24.0-150600.3.8.1 * libgstrtsp-1_0-0-1.24.0-150600.3.8.1 * typelib-1_0-GstGLWayland-1_0-1.24.0-150600.3.8.1 * typelib-1_0-GstAllocators-1_0-1.24.0-150600.3.8.1 * typelib-1_0-GstApp-1_0-1.24.0-150600.3.8.1 * typelib-1_0-GstVideo-1_0-1.24.0-150600.3.8.1 * libgstapp-1_0-0-1.24.0-150600.3.8.1 * libgstgl-1_0-0-1.24.0-150600.3.8.1 * libgstrtp-1_0-0-debuginfo-1.24.0-150600.3.8.1 * typelib-1_0-GstRtp-1_0-1.24.0-150600.3.8.1 * 
typelib-1_0-GstGLEGL-1_0-1.24.0-150600.3.8.1 * libgstsdp-1_0-0-1.24.0-150600.3.8.1 * libgstriff-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstriff-1_0-0-1.24.0-150600.3.8.1 * libgsttag-1_0-0-1.24.0-150600.3.8.1 * gstreamer-plugins-base-1.24.0-150600.3.8.1 * typelib-1_0-GstRtsp-1_0-1.24.0-150600.3.8.1 * openSUSE Leap 15.6 (x86_64) * libgstpbutils-1_0-0-32bit-1.24.0-150600.3.8.1 * libgstvideo-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * libgstrtp-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * gstreamer-plugins-base-32bit-debuginfo-1.24.0-150600.3.8.1 * libgstfft-1_0-0-32bit-1.24.0-150600.3.8.1 * libgstrtp-1_0-0-32bit-1.24.0-150600.3.8.1 * libgstallocators-1_0-0-32bit-1.24.0-150600.3.8.1 * gstreamer-plugins-base-devel-32bit-1.24.0-150600.3.8.1 * libgstgl-1_0-0-32bit-1.24.0-150600.3.8.1 * libgstvideo-1_0-0-32bit-1.24.0-150600.3.8.1 * libgstfft-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * libgstaudio-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * libgstapp-1_0-0-32bit-1.24.0-150600.3.8.1 * libgstrtsp-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * libgstrtsp-1_0-0-32bit-1.24.0-150600.3.8.1 * libgstallocators-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * libgstsdp-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * libgstriff-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * libgstpbutils-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * libgstsdp-1_0-0-32bit-1.24.0-150600.3.8.1 * libgstriff-1_0-0-32bit-1.24.0-150600.3.8.1 * gstreamer-plugins-base-32bit-1.24.0-150600.3.8.1 * libgstgl-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * libgstapp-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * libgsttag-1_0-0-32bit-1.24.0-150600.3.8.1 * libgstaudio-1_0-0-32bit-1.24.0-150600.3.8.1 * libgsttag-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * openSUSE Leap 15.6 (noarch) * gstreamer-plugins-base-lang-1.24.0-150600.3.8.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libgstsdp-1_0-0-64bit-1.24.0-150600.3.8.1 * libgsttag-1_0-0-64bit-1.24.0-150600.3.8.1 * libgstrtsp-1_0-0-64bit-debuginfo-1.24.0-150600.3.8.1 * 
libgstvideo-1_0-0-64bit-1.24.0-150600.3.8.1 * libgstriff-1_0-0-64bit-1.24.0-150600.3.8.1 * libgsttag-1_0-0-64bit-debuginfo-1.24.0-150600.3.8.1 * libgstpbutils-1_0-0-64bit-debuginfo-1.24.0-150600.3.8.1 * libgstaudio-1_0-0-64bit-debuginfo-1.24.0-150600.3.8.1 * libgstapp-1_0-0-64bit-debuginfo-1.24.0-150600.3.8.1 * libgstallocators-1_0-0-64bit-1.24.0-150600.3.8.1 * libgstgl-1_0-0-64bit-debuginfo-1.24.0-150600.3.8.1 * libgstrtp-1_0-0-64bit-1.24.0-150600.3.8.1 * libgstriff-1_0-0-64bit-debuginfo-1.24.0-150600.3.8.1 * gstreamer-plugins-base-64bit-1.24.0-150600.3.8.1 * libgstfft-1_0-0-64bit-debuginfo-1.24.0-150600.3.8.1 * libgstapp-1_0-0-64bit-1.24.0-150600.3.8.1 * libgstvideo-1_0-0-64bit-debuginfo-1.24.0-150600.3.8.1 * gstreamer-plugins-base-devel-64bit-1.24.0-150600.3.8.1 * libgstfft-1_0-0-64bit-1.24.0-150600.3.8.1 * libgstpbutils-1_0-0-64bit-1.24.0-150600.3.8.1 * libgstgl-1_0-0-64bit-1.24.0-150600.3.8.1 * libgstaudio-1_0-0-64bit-1.24.0-150600.3.8.1 * libgstrtsp-1_0-0-64bit-1.24.0-150600.3.8.1 * libgstallocators-1_0-0-64bit-debuginfo-1.24.0-150600.3.8.1 * gstreamer-plugins-base-64bit-debuginfo-1.24.0-150600.3.8.1 * libgstsdp-1_0-0-64bit-debuginfo-1.24.0-150600.3.8.1 * libgstrtp-1_0-0-64bit-debuginfo-1.24.0-150600.3.8.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libgstapp-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstfft-1_0-0-1.24.0-150600.3.8.1 * libgstpbutils-1_0-0-debuginfo-1.24.0-150600.3.8.1 * gstreamer-plugins-base-debugsource-1.24.0-150600.3.8.1 * typelib-1_0-GstSdp-1_0-1.24.0-150600.3.8.1 * typelib-1_0-GstPbutils-1_0-1.24.0-150600.3.8.1 * typelib-1_0-GstGL-1_0-1.24.0-150600.3.8.1 * libgstaudio-1_0-0-1.24.0-150600.3.8.1 * typelib-1_0-GstAudio-1_0-1.24.0-150600.3.8.1 * typelib-1_0-GstTag-1_0-1.24.0-150600.3.8.1 * libgstrtsp-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstaudio-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstgl-1_0-0-debuginfo-1.24.0-150600.3.8.1 * typelib-1_0-GstGLX11-1_0-1.24.0-150600.3.8.1 * libgstsdp-1_0-0-debuginfo-1.24.0-150600.3.8.1 * 
libgstpbutils-1_0-0-1.24.0-150600.3.8.1 * libgstallocators-1_0-0-1.24.0-150600.3.8.1 * libgstfft-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstrtp-1_0-0-1.24.0-150600.3.8.1 * gstreamer-plugins-base-debuginfo-1.24.0-150600.3.8.1 * libgsttag-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstallocators-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstvideo-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstvideo-1_0-0-1.24.0-150600.3.8.1 * gstreamer-plugins-base-devel-1.24.0-150600.3.8.1 * libgstrtsp-1_0-0-1.24.0-150600.3.8.1 * typelib-1_0-GstGLWayland-1_0-1.24.0-150600.3.8.1 * typelib-1_0-GstAllocators-1_0-1.24.0-150600.3.8.1 * typelib-1_0-GstApp-1_0-1.24.0-150600.3.8.1 * typelib-1_0-GstVideo-1_0-1.24.0-150600.3.8.1 * libgstapp-1_0-0-1.24.0-150600.3.8.1 * libgstgl-1_0-0-1.24.0-150600.3.8.1 * libgstrtp-1_0-0-debuginfo-1.24.0-150600.3.8.1 * typelib-1_0-GstRtp-1_0-1.24.0-150600.3.8.1 * typelib-1_0-GstGLEGL-1_0-1.24.0-150600.3.8.1 * libgstsdp-1_0-0-1.24.0-150600.3.8.1 * libgstriff-1_0-0-debuginfo-1.24.0-150600.3.8.1 * libgstriff-1_0-0-1.24.0-150600.3.8.1 * libgsttag-1_0-0-1.24.0-150600.3.8.1 * gstreamer-plugins-base-1.24.0-150600.3.8.1 * typelib-1_0-GstRtsp-1_0-1.24.0-150600.3.8.1 * Basesystem Module 15-SP6 (noarch) * gstreamer-plugins-base-lang-1.24.0-150600.3.8.1 * SUSE Package Hub 15 15-SP6 (x86_64) * libgstvideo-1_0-0-32bit-1.24.0-150600.3.8.1 * libgsttag-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * libgsttag-1_0-0-32bit-1.24.0-150600.3.8.1 * gstreamer-plugins-base-debugsource-1.24.0-150600.3.8.1 * libgstvideo-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * gstreamer-plugins-base-32bit-debuginfo-1.24.0-150600.3.8.1 * libgstaudio-1_0-0-32bit-1.24.0-150600.3.8.1 * libgstaudio-1_0-0-32bit-debuginfo-1.24.0-150600.3.8.1 * gstreamer-plugins-base-debuginfo-1.24.0-150600.3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47538.html * https://www.suse.com/security/cve/CVE-2024-47541.html * https://www.suse.com/security/cve/CVE-2024-47542.html * 
https://www.suse.com/security/cve/CVE-2024-47600.html
* https://www.suse.com/security/cve/CVE-2024-47607.html
* https://www.suse.com/security/cve/CVE-2024-47615.html
* https://www.suse.com/security/cve/CVE-2024-47835.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234415
* https://bugzilla.suse.com/show_bug.cgi?id=1234450
* https://bugzilla.suse.com/show_bug.cgi?id=1234453
* https://bugzilla.suse.com/show_bug.cgi?id=1234455
* https://bugzilla.suse.com/show_bug.cgi?id=1234456
* https://bugzilla.suse.com/show_bug.cgi?id=1234459
* https://bugzilla.suse.com/show_bug.cgi?id=1234460

From null at suse.de Fri Jan 10 16:30:34 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 10 Jan 2025 16:30:34 -0000
Subject: SUSE-SU-2025:0064-1: important: Security update for gstreamer-plugins-good
Message-ID: <173652663492.16729.1468785043986427973@smelt2.prg2.suse.org>

# Security update for gstreamer-plugins-good

Announcement ID: SUSE-SU-2025:0064-1
Release Date: 2025-01-10T13:48:33Z
Rating: important

References:

* bsc#1234414
* bsc#1234417
* bsc#1234421
* bsc#1234424
* bsc#1234425
* bsc#1234426
* bsc#1234427
* bsc#1234428
* bsc#1234432
* bsc#1234433
* bsc#1234434
* bsc#1234435
* bsc#1234436
* bsc#1234439
* bsc#1234440
* bsc#1234446
* bsc#1234447
* bsc#1234449
* bsc#1234462
* bsc#1234473
* bsc#1234476
* bsc#1234477

Cross-References:

* CVE-2024-47530
* CVE-2024-47537
* CVE-2024-47539
* CVE-2024-47543
* CVE-2024-47544
* CVE-2024-47545
* CVE-2024-47546
* CVE-2024-47596
* CVE-2024-47597
* CVE-2024-47598
* CVE-2024-47599
* CVE-2024-47601
* CVE-2024-47602
* CVE-2024-47603
* CVE-2024-47606
* CVE-2024-47613
* CVE-2024-47774
* CVE-2024-47775
* CVE-2024-47776
* CVE-2024-47777
* CVE-2024-47778
* CVE-2024-47834

CVSS scores:

* CVE-2024-47530 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-47530 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-47537 ( SUSE ): 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47537 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47537 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47539 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47539 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47539 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47543 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47543 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47543 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47544 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47544 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47544 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47545 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47545 ( NVD ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47545 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47546 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47546 ( NVD ): 6.9 
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47546 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47596 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47596 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47597 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47597 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47597 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47598 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47598 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47599 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47599 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47599 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47601 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47601 ( NVD ): 7.5 
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47602 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47602 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47603 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47603 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47606 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47606 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47613 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47613 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47613 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47774 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47774 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47774 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47775 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47775 ( NVD ): 5.1 
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47775 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47776 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47776 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47776 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47777 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47777 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47778 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47778 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47834 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47834 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux 
Enterprise Server for SAP Applications 15 SP5

An update that solves 22 vulnerabilities can now be installed.

## Description:

This update for gstreamer-plugins-good fixes the following issues:

* CVE-2024-47530: Fixed uninitialized stack memory in Matroska/WebM demuxer. (boo#1234421)
* CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. (boo#1234414)
* CVE-2024-47539: Fixed an out-of-bounds write in convert_to_s334_1a. (boo#1234417)
* CVE-2024-47543: Fixed an out-of-bounds write in qtdemux_parse_container. (boo#1234462)
* CVE-2024-47544: Fixed NULL-pointer dereferences in MP4/MOV demuxer CENC handling. (boo#1234473)
* CVE-2024-47545: Fixed an integer underflow in FOURCC_strf parsing leading to out-of-bounds read. (boo#1234476)
* CVE-2024-47546: Fixed an integer underflow in extract_cc_from_data leading to out-of-bounds read. (boo#1234477)
* CVE-2024-47596: Fixed an integer underflow in MP4/MOV demuxer that can lead to out-of-bounds reads. (boo#1234424)
* CVE-2024-47597: Fixed out-of-bounds reads in MP4/MOV demuxer sample table parser. (boo#1234425)
* CVE-2024-47598: Fixed MP4/MOV sample table parser out-of-bounds read. (boo#1234426)
* CVE-2024-47599: Fixed insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences. (boo#1234427)
* CVE-2024-47601: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234428)
* CVE-2024-47602: Fixed NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer. (boo#1234432)
* CVE-2024-47603: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234433)
* CVE-2024-47606: Avoid integer overflow when allocating sysmem. (bsc#1234449)
* CVE-2024-47606: Fixed integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. (boo#1234449)
* CVE-2024-47613: Fixed a NULL-pointer dereference in gdk-pixbuf decoder. (boo#1234447)
* CVE-2024-47774: Fixed an integer overflow in AVI subtitle parser that leads to out-of-bounds reads. (boo#1234446)
* CVE-2024-47775: Fixed various out-of-bounds reads in WAV parser. (boo#1234434)
* CVE-2024-47776: Fixed various out-of-bounds reads in WAV parser. (boo#1234435)
* CVE-2024-47777: Fixed various out-of-bounds reads in WAV parser. (boo#1234436)
* CVE-2024-47778: Fixed various out-of-bounds reads in WAV parser. (boo#1234439)
* CVE-2024-47834: Fixed a use-after-free in the Matroska demuxer that can cause crashes for certain input files. (boo#1234440)

## Patch Instructions:

To install this SUSE update, use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2025-64=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-64=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-64=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-64=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-64=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
  * gstreamer-plugins-good-1.22.0-150500.4.6.1
  * gstreamer-plugins-good-extra-1.22.0-150500.4.6.1
  * gstreamer-plugins-good-gtk-1.22.0-150500.4.6.1
  * gstreamer-plugins-good-qtqml-1.22.0-150500.4.6.1
  * gstreamer-plugins-good-jack-debuginfo-1.22.0-150500.4.6.1
  * gstreamer-plugins-good-debuginfo-1.22.0-150500.4.6.1
  * gstreamer-plugins-good-extra-debuginfo-1.22.0-150500.4.6.1
  * gstreamer-plugins-good-debugsource-1.22.0-150500.4.6.1
  * gstreamer-plugins-good-gtk-debuginfo-1.22.0-150500.4.6.1
  * gstreamer-plugins-good-jack-1.22.0-150500.4.6.1
  * gstreamer-plugins-good-qtqml-debuginfo-1.22.0-150500.4.6.1
*
openSUSE Leap 15.5 (x86_64) * gstreamer-plugins-good-extra-32bit-debuginfo-1.22.0-150500.4.6.1 * gstreamer-plugins-good-jack-32bit-debuginfo-1.22.0-150500.4.6.1 * gstreamer-plugins-good-32bit-1.22.0-150500.4.6.1 * gstreamer-plugins-good-jack-32bit-1.22.0-150500.4.6.1 * gstreamer-plugins-good-extra-32bit-1.22.0-150500.4.6.1 * gstreamer-plugins-good-32bit-debuginfo-1.22.0-150500.4.6.1 * openSUSE Leap 15.5 (noarch) * gstreamer-plugins-good-lang-1.22.0-150500.4.6.1 * openSUSE Leap 15.5 (aarch64_ilp32) * gstreamer-plugins-good-jack-64bit-1.22.0-150500.4.6.1 * gstreamer-plugins-good-extra-64bit-1.22.0-150500.4.6.1 * gstreamer-plugins-good-extra-64bit-debuginfo-1.22.0-150500.4.6.1 * gstreamer-plugins-good-jack-64bit-debuginfo-1.22.0-150500.4.6.1 * gstreamer-plugins-good-64bit-debuginfo-1.22.0-150500.4.6.1 * gstreamer-plugins-good-64bit-1.22.0-150500.4.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * gstreamer-plugins-good-1.22.0-150500.4.6.1 * gstreamer-plugins-good-debugsource-1.22.0-150500.4.6.1 * gstreamer-plugins-good-debuginfo-1.22.0-150500.4.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * gstreamer-plugins-good-lang-1.22.0-150500.4.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * gstreamer-plugins-good-1.22.0-150500.4.6.1 * gstreamer-plugins-good-debugsource-1.22.0-150500.4.6.1 * gstreamer-plugins-good-debuginfo-1.22.0-150500.4.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * gstreamer-plugins-good-lang-1.22.0-150500.4.6.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * gstreamer-plugins-good-1.22.0-150500.4.6.1 * gstreamer-plugins-good-debugsource-1.22.0-150500.4.6.1 * gstreamer-plugins-good-debuginfo-1.22.0-150500.4.6.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * gstreamer-plugins-good-lang-1.22.0-150500.4.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * 
gstreamer-plugins-good-1.22.0-150500.4.6.1 * gstreamer-plugins-good-debugsource-1.22.0-150500.4.6.1 * gstreamer-plugins-good-debuginfo-1.22.0-150500.4.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * gstreamer-plugins-good-lang-1.22.0-150500.4.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47530.html * https://www.suse.com/security/cve/CVE-2024-47537.html * https://www.suse.com/security/cve/CVE-2024-47539.html * https://www.suse.com/security/cve/CVE-2024-47543.html * https://www.suse.com/security/cve/CVE-2024-47544.html * https://www.suse.com/security/cve/CVE-2024-47545.html * https://www.suse.com/security/cve/CVE-2024-47546.html * https://www.suse.com/security/cve/CVE-2024-47596.html * https://www.suse.com/security/cve/CVE-2024-47597.html * https://www.suse.com/security/cve/CVE-2024-47598.html * https://www.suse.com/security/cve/CVE-2024-47599.html * https://www.suse.com/security/cve/CVE-2024-47601.html * https://www.suse.com/security/cve/CVE-2024-47602.html * https://www.suse.com/security/cve/CVE-2024-47603.html * https://www.suse.com/security/cve/CVE-2024-47606.html * https://www.suse.com/security/cve/CVE-2024-47613.html * https://www.suse.com/security/cve/CVE-2024-47774.html * https://www.suse.com/security/cve/CVE-2024-47775.html * https://www.suse.com/security/cve/CVE-2024-47776.html * https://www.suse.com/security/cve/CVE-2024-47777.html * https://www.suse.com/security/cve/CVE-2024-47778.html * https://www.suse.com/security/cve/CVE-2024-47834.html * https://bugzilla.suse.com/show_bug.cgi?id=1234414 * https://bugzilla.suse.com/show_bug.cgi?id=1234417 * https://bugzilla.suse.com/show_bug.cgi?id=1234421 * https://bugzilla.suse.com/show_bug.cgi?id=1234424 * https://bugzilla.suse.com/show_bug.cgi?id=1234425 * https://bugzilla.suse.com/show_bug.cgi?id=1234426 * https://bugzilla.suse.com/show_bug.cgi?id=1234427 * https://bugzilla.suse.com/show_bug.cgi?id=1234428 * https://bugzilla.suse.com/show_bug.cgi?id=1234432 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234433
* https://bugzilla.suse.com/show_bug.cgi?id=1234434
* https://bugzilla.suse.com/show_bug.cgi?id=1234435
* https://bugzilla.suse.com/show_bug.cgi?id=1234436
* https://bugzilla.suse.com/show_bug.cgi?id=1234439
* https://bugzilla.suse.com/show_bug.cgi?id=1234440
* https://bugzilla.suse.com/show_bug.cgi?id=1234446
* https://bugzilla.suse.com/show_bug.cgi?id=1234447
* https://bugzilla.suse.com/show_bug.cgi?id=1234449
* https://bugzilla.suse.com/show_bug.cgi?id=1234462
* https://bugzilla.suse.com/show_bug.cgi?id=1234473
* https://bugzilla.suse.com/show_bug.cgi?id=1234476
* https://bugzilla.suse.com/show_bug.cgi?id=1234477

From null at suse.de Fri Jan 10 16:30:49 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 10 Jan 2025 16:30:49 -0000
Subject: SUSE-SU-2025:0063-1: important: Security update for gstreamer-plugins-good
Message-ID: <173652664925.16729.3056068135859686651@smelt2.prg2.suse.org>

# Security update for gstreamer-plugins-good

Announcement ID: SUSE-SU-2025:0063-1
Release Date: 2025-01-10T13:25:22Z
Rating: important

References:

* bsc#1234414
* bsc#1234421
* bsc#1234424
* bsc#1234425
* bsc#1234427
* bsc#1234428
* bsc#1234432
* bsc#1234433
* bsc#1234434
* bsc#1234435
* bsc#1234436
* bsc#1234439
* bsc#1234440
* bsc#1234446
* bsc#1234447
* bsc#1234449
* bsc#1234462
* bsc#1234473
* bsc#1234476

Cross-References:

* CVE-2024-47530
* CVE-2024-47537
* CVE-2024-47543
* CVE-2024-47544
* CVE-2024-47545
* CVE-2024-47596
* CVE-2024-47597
* CVE-2024-47599
* CVE-2024-47601
* CVE-2024-47602
* CVE-2024-47603
* CVE-2024-47606
* CVE-2024-47613
* CVE-2024-47774
* CVE-2024-47775
* CVE-2024-47776
* CVE-2024-47777
* CVE-2024-47778
* CVE-2024-47834

CVSS scores:

* CVE-2024-47530 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-47530 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-47537 ( SUSE ): 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47537 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47537 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47543 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47543 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47543 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47544 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47544 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47544 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47545 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47545 ( NVD ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47545 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47596 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47596 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47597 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47597 ( NVD ): 5.1 
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47597 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47599 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47599 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47599 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47601 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47601 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47602 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47602 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47603 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47603 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47606 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47606 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47606 ( NVD ): 9.8 
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47613 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47613 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47613 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47774 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47774 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47774 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47775 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47775 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47775 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47776 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47776 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47776 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47777 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47777 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47778 ( NVD ): 5.1 
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47778 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47834 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47834 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 19 vulnerabilities can now be installed.

## Description:

This update for gstreamer-plugins-good fixes the following issues:

* CVE-2024-47530: Fixed uninitialized stack memory in Matroska/WebM demuxer. (boo#1234421)
* CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. (boo#1234414)
* CVE-2024-47543: Fixed an out-of-bounds write in qtdemux_parse_container. (boo#1234462)
* CVE-2024-47544: Fixed NULL-pointer dereferences in MP4/MOV demuxer CENC handling. (boo#1234473)
* CVE-2024-47545: Fixed an integer underflow in FOURCC_strf parsing leading to out-of-bounds read. (boo#1234476)
* CVE-2024-47596: Fixed an integer underflow in MP4/MOV demuxer that can lead to out-of-bounds reads. (boo#1234424)
* CVE-2024-47597: Fixed out-of-bounds reads in MP4/MOV demuxer sample table parser. (boo#1234425)
* CVE-2024-47599: Fixed insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences. (boo#1234427)
* CVE-2024-47601: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234428)
* CVE-2024-47602: Fixed NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer. (boo#1234432)
* CVE-2024-47603: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234433)
* CVE-2024-47606: Avoid integer overflow when allocating sysmem. (bsc#1234449)
* CVE-2024-47606: Fixed integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. (boo#1234449)
* CVE-2024-47613: Fixed a NULL-pointer dereference in gdk-pixbuf decoder. (boo#1234447)
* CVE-2024-47774: Fixed an integer overflow in AVI subtitle parser that leads to out-of-bounds reads. (boo#1234446)
* CVE-2024-47775: Fixed various out-of-bounds reads in WAV parser. (boo#1234434)
* CVE-2024-47776: Fixed various out-of-bounds reads in WAV parser. (boo#1234435)
* CVE-2024-47777: Fixed various out-of-bounds reads in WAV parser. (boo#1234436)
* CVE-2024-47778: Fixed various out-of-bounds reads in WAV parser. (boo#1234439)
* CVE-2024-47834: Fixed a use-after-free in the Matroska demuxer that can cause crashes for certain input files. (boo#1234440)

## Patch Instructions:

To install this SUSE update, use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-63=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-63=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * gstreamer-plugins-good-debugsource-1.8.3-16.12.1
    * gstreamer-plugins-good-debuginfo-1.8.3-16.12.1
    * gstreamer-plugins-good-1.8.3-16.12.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * gstreamer-plugins-good-lang-1.8.3-16.12.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * gstreamer-plugins-good-debugsource-1.8.3-16.12.1
    * gstreamer-plugins-good-debuginfo-1.8.3-16.12.1
    * gstreamer-plugins-good-1.8.3-16.12.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * gstreamer-plugins-good-lang-1.8.3-16.12.1

## References:

* https://www.suse.com/security/cve/CVE-2024-47530.html
* https://www.suse.com/security/cve/CVE-2024-47537.html
* https://www.suse.com/security/cve/CVE-2024-47543.html
* https://www.suse.com/security/cve/CVE-2024-47544.html
* https://www.suse.com/security/cve/CVE-2024-47545.html
* https://www.suse.com/security/cve/CVE-2024-47596.html
* https://www.suse.com/security/cve/CVE-2024-47597.html
* https://www.suse.com/security/cve/CVE-2024-47599.html
* https://www.suse.com/security/cve/CVE-2024-47601.html
* https://www.suse.com/security/cve/CVE-2024-47602.html
* https://www.suse.com/security/cve/CVE-2024-47603.html
* https://www.suse.com/security/cve/CVE-2024-47606.html
* https://www.suse.com/security/cve/CVE-2024-47613.html
* https://www.suse.com/security/cve/CVE-2024-47774.html
* https://www.suse.com/security/cve/CVE-2024-47775.html
* https://www.suse.com/security/cve/CVE-2024-47776.html
* https://www.suse.com/security/cve/CVE-2024-47777.html
* https://www.suse.com/security/cve/CVE-2024-47778.html
* https://www.suse.com/security/cve/CVE-2024-47834.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234414
* https://bugzilla.suse.com/show_bug.cgi?id=1234421
* https://bugzilla.suse.com/show_bug.cgi?id=1234424
* https://bugzilla.suse.com/show_bug.cgi?id=1234425
* https://bugzilla.suse.com/show_bug.cgi?id=1234427
* https://bugzilla.suse.com/show_bug.cgi?id=1234428
* https://bugzilla.suse.com/show_bug.cgi?id=1234432
* https://bugzilla.suse.com/show_bug.cgi?id=1234433
* https://bugzilla.suse.com/show_bug.cgi?id=1234434
* https://bugzilla.suse.com/show_bug.cgi?id=1234435
* https://bugzilla.suse.com/show_bug.cgi?id=1234436
* https://bugzilla.suse.com/show_bug.cgi?id=1234439
* https://bugzilla.suse.com/show_bug.cgi?id=1234440
* https://bugzilla.suse.com/show_bug.cgi?id=1234446
* https://bugzilla.suse.com/show_bug.cgi?id=1234447
* https://bugzilla.suse.com/show_bug.cgi?id=1234449
* https://bugzilla.suse.com/show_bug.cgi?id=1234462
* https://bugzilla.suse.com/show_bug.cgi?id=1234473
* https://bugzilla.suse.com/show_bug.cgi?id=1234476

From null at suse.de Fri Jan 10 16:30:51 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 10 Jan 2025 16:30:51 -0000
Subject: SUSE-SU-2025:0062-1: important: Security update for gstreamer
Message-ID: <173652665164.16729.16912508144182832045@smelt2.prg2.suse.org>

# Security update for gstreamer

Announcement ID: SUSE-SU-2025:0062-1
Release Date: 2025-01-10T12:53:37Z
Rating: important

References:

* bsc#1234449

Cross-References:

* CVE-2024-47606

CVSS scores:

* CVE-2024-47606 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47606 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for gstreamer fixes the following issues:

* CVE-2024-47606: Avoid integer overflow when allocating sysmem. (bsc#1234449).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-62=1 openSUSE-SLE-15.6-2025-62=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-62=1
* SUSE Package Hub 15 15-SP6
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-62=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * libgstreamer-1_0-0-1.24.0-150600.3.3.1
    * gstreamer-debuginfo-1.24.0-150600.3.3.1
    * gstreamer-utils-debuginfo-1.24.0-150600.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.24.0-150600.3.3.1
    * gstreamer-devel-1.24.0-150600.3.3.1
    * gstreamer-debugsource-1.24.0-150600.3.3.1
    * gstreamer-utils-1.24.0-150600.3.3.1
    * gstreamer-1.24.0-150600.3.3.1
    * typelib-1_0-Gst-1_0-1.24.0-150600.3.3.1
* openSUSE Leap 15.6 (x86_64)
    * typelib-1_0-Gst-1_0-32bit-1.24.0-150600.3.3.1
    * gstreamer-32bit-1.24.0-150600.3.3.1
    * libgstreamer-1_0-0-32bit-debuginfo-1.24.0-150600.3.3.1
    * libgstreamer-1_0-0-32bit-1.24.0-150600.3.3.1
    * gstreamer-devel-32bit-1.24.0-150600.3.3.1
    * gstreamer-32bit-debuginfo-1.24.0-150600.3.3.1
* openSUSE Leap 15.6 (noarch)
    * gstreamer-lang-1.24.0-150600.3.3.1
* openSUSE Leap 15.6 (aarch64_ilp32)
    * libgstreamer-1_0-0-64bit-debuginfo-1.24.0-150600.3.3.1
    * libgstreamer-1_0-0-64bit-1.24.0-150600.3.3.1
    * gstreamer-64bit-1.24.0-150600.3.3.1
    * gstreamer-64bit-debuginfo-1.24.0-150600.3.3.1
    * gstreamer-devel-64bit-1.24.0-150600.3.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libgstreamer-1_0-0-1.24.0-150600.3.3.1
    * gstreamer-debuginfo-1.24.0-150600.3.3.1
    * gstreamer-utils-debuginfo-1.24.0-150600.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.24.0-150600.3.3.1
    * gstreamer-devel-1.24.0-150600.3.3.1
    * gstreamer-debugsource-1.24.0-150600.3.3.1
    * gstreamer-utils-1.24.0-150600.3.3.1
    * gstreamer-1.24.0-150600.3.3.1
    * typelib-1_0-Gst-1_0-1.24.0-150600.3.3.1
* Basesystem Module 15-SP6 (noarch)
    * gstreamer-lang-1.24.0-150600.3.3.1
* SUSE Package Hub 15 15-SP6 (x86_64)
    * gstreamer-32bit-1.24.0-150600.3.3.1
    * gstreamer-debuginfo-1.24.0-150600.3.3.1
    * libgstreamer-1_0-0-32bit-debuginfo-1.24.0-150600.3.3.1
    * libgstreamer-1_0-0-32bit-1.24.0-150600.3.3.1
    * gstreamer-debugsource-1.24.0-150600.3.3.1
    * gstreamer-32bit-debuginfo-1.24.0-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-47606.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234449

From null at suse.de Fri Jan 10 20:30:05 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 10 Jan 2025 20:30:05 -0000
Subject: SUSE-SU-2025:0072-1: important: Security update for logback
Message-ID: <173654100534.13899.13593242980937845819@smelt2.prg2.suse.org>

# Security update for logback

Announcement ID: SUSE-SU-2025:0072-1
Release Date: 2025-01-10T18:33:38Z
Rating: important

References:

* bsc#1234742
* bsc#1234743

Cross-References:

* CVE-2024-12798
* CVE-2024-12801

CVSS scores:

* CVE-2024-12798 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-12798 ( NVD ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:L/U:Clear
* CVE-2024-12801 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
* CVE-2024-12801 ( NVD ): 2.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:N/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:X/U:Clear

Affected Products:

* openSUSE Leap 15.6

An update that solves two vulnerabilities can now be installed.
## Description:

This update for logback fixes the following issues:

* CVE-2024-12798: Fixed arbitrary code execution via JaninoEventEvaluator (bsc#1234742)
* CVE-2024-12801: Fixed Server-Side Request Forgery in SaxEventRecorder (bsc#1234743)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-72=1

## Package List:

* openSUSE Leap 15.6 (noarch)
    * logback-examples-1.2.11-150200.3.10.1
    * logback-1.2.11-150200.3.10.1
    * logback-javadoc-1.2.11-150200.3.10.1
    * logback-access-1.2.11-150200.3.10.1

## References:

* https://www.suse.com/security/cve/CVE-2024-12798.html
* https://www.suse.com/security/cve/CVE-2024-12801.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234742
* https://bugzilla.suse.com/show_bug.cgi?id=1234743

From null at suse.de Fri Jan 10 20:30:12 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 10 Jan 2025 20:30:12 -0000
Subject: SUSE-SU-2025:0071-1: important: Security update for dnsmasq
Message-ID: <173654101283.13899.1731657518047891973@smelt2.prg2.suse.org>

# Security update for dnsmasq

Announcement ID: SUSE-SU-2025:0071-1
Release Date: 2025-01-10T16:54:52Z
Rating: important

References:

* bsc#1200344
* bsc#1207174
* bsc#1209358
* bsc#1214884
* bsc#1219823
* bsc#1219826

Cross-References:

* CVE-2023-28450
* CVE-2023-50387
* CVE-2023-50868

CVSS scores:

* CVE-2023-28450 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-28450 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-50387 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-50387 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-50868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* openSUSE Leap Micro 5.5
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves three vulnerabilities and has three security fixes can now be installed.

## Description:

This update for dnsmasq fixes the following issues:

* Version update to 2.90:
    * CVE-2023-50387: Fixed a Denial Of Service while trying to validate specially crafted DNSSEC responses. (bsc#1219823)
    * CVE-2023-50868: Fixed a Denial Of Service while trying to validate specially crafted DNSSEC responses. (bsc#1219826)
    * CVE-2023-28450: Default maximum EDNS.0 UDP packet size should be 1232. (bsc#1209358)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-71=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-71=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-71=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-71=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-71=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-71=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-71=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-71=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-71=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-71=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-71=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-71=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-71=1
* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-71=1
* openSUSE Leap Micro 5.5
  zypper in -t patch openSUSE-Leap-Micro-5.5-2025-71=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-71=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-71=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-71=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-71=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-71=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2025-71=1

## Package List:

* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Manager Proxy 4.3 (x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * dnsmasq-utils-debuginfo-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-utils-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
* openSUSE Leap Micro 5.5 (aarch64 s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * dnsmasq-utils-debuginfo-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-utils-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.3.1
    * dnsmasq-debugsource-2.90-150400.16.3.1
    * dnsmasq-2.90-150400.16.3.1

## References:

* https://www.suse.com/security/cve/CVE-2023-28450.html
* https://www.suse.com/security/cve/CVE-2023-50387.html
* https://www.suse.com/security/cve/CVE-2023-50868.html
* https://bugzilla.suse.com/show_bug.cgi?id=1200344
* https://bugzilla.suse.com/show_bug.cgi?id=1207174
* https://bugzilla.suse.com/show_bug.cgi?id=1209358
* https://bugzilla.suse.com/show_bug.cgi?id=1214884
* https://bugzilla.suse.com/show_bug.cgi?id=1219823
* https://bugzilla.suse.com/show_bug.cgi?id=1219826

From null at suse.de Fri Jan 10 20:30:15 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 10 Jan 2025 20:30:15 -0000
Subject: SUSE-SU-2025:0070-1: important: Security update for gstreamer
Message-ID: <173654101558.13899.17552540244892974959@smelt2.prg2.suse.org>

# Security update for gstreamer

Announcement ID: SUSE-SU-2025:0070-1
Release Date: 2025-01-10T16:52:54Z
Rating: important

References:

* bsc#1234449

Cross-References:

* CVE-2024-47606

CVSS scores:

* CVE-2024-47606 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47606 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for gstreamer fixes the following issues:

* CVE-2024-47606: Fixed integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. (boo#1234449)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-70=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-70=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-70=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-70=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-70=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-70=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-70=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-70=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-70=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-70=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-70=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-70=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-70=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libgstreamer-1_0-0-1.20.1-150400.3.3.1
    * gstreamer-1.20.1-150400.3.3.1
    * gstreamer-debugsource-1.20.1-150400.3.3.1
    * gstreamer-utils-1.20.1-150400.3.3.1
    * gstreamer-debuginfo-1.20.1-150400.3.3.1
    * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1
    * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1
    * gstreamer-devel-1.20.1-150400.3.3.1
* openSUSE Leap 15.4 (x86_64)
    * typelib-1_0-Gst-1_0-32bit-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-32bit-debuginfo-1.20.1-150400.3.3.1
    * gstreamer-32bit-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-32bit-1.20.1-150400.3.3.1
    * gstreamer-devel-32bit-1.20.1-150400.3.3.1
    * gstreamer-32bit-1.20.1-150400.3.3.1
* openSUSE Leap 15.4 (noarch)
    * gstreamer-lang-1.20.1-150400.3.3.1
* openSUSE Leap 15.4 (aarch64_ilp32)
    * libgstreamer-1_0-0-64bit-1.20.1-150400.3.3.1
    * gstreamer-64bit-1.20.1-150400.3.3.1
    * gstreamer-devel-64bit-1.20.1-150400.3.3.1
    * gstreamer-64bit-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-64bit-debuginfo-1.20.1-150400.3.3.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libgstreamer-1_0-0-1.20.1-150400.3.3.1
    * gstreamer-1.20.1-150400.3.3.1
    * gstreamer-debugsource-1.20.1-150400.3.3.1
    * gstreamer-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libgstreamer-1_0-0-1.20.1-150400.3.3.1
    * gstreamer-1.20.1-150400.3.3.1
    * gstreamer-debugsource-1.20.1-150400.3.3.1
    * gstreamer-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libgstreamer-1_0-0-1.20.1-150400.3.3.1
    * gstreamer-1.20.1-150400.3.3.1
    * gstreamer-debugsource-1.20.1-150400.3.3.1
    * gstreamer-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libgstreamer-1_0-0-1.20.1-150400.3.3.1
    * gstreamer-1.20.1-150400.3.3.1
    * gstreamer-debugsource-1.20.1-150400.3.3.1
    * gstreamer-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
    * libgstreamer-1_0-0-1.20.1-150400.3.3.1
    * gstreamer-1.20.1-150400.3.3.1
    * gstreamer-debugsource-1.20.1-150400.3.3.1
    * gstreamer-utils-1.20.1-150400.3.3.1
    * gstreamer-debuginfo-1.20.1-150400.3.3.1
    * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1
    * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1
    * gstreamer-devel-1.20.1-150400.3.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * gstreamer-lang-1.20.1-150400.3.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
    * libgstreamer-1_0-0-1.20.1-150400.3.3.1
    * gstreamer-1.20.1-150400.3.3.1
    * gstreamer-debugsource-1.20.1-150400.3.3.1
    * gstreamer-utils-1.20.1-150400.3.3.1
    * gstreamer-debuginfo-1.20.1-150400.3.3.1
    * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1
    * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1
    * gstreamer-devel-1.20.1-150400.3.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * gstreamer-lang-1.20.1-150400.3.3.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64)
    * libgstreamer-1_0-0-1.20.1-150400.3.3.1
    * gstreamer-1.20.1-150400.3.3.1
    * gstreamer-debugsource-1.20.1-150400.3.3.1
    * gstreamer-utils-1.20.1-150400.3.3.1
    * gstreamer-debuginfo-1.20.1-150400.3.3.1
    * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1
    * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1
    * gstreamer-devel-1.20.1-150400.3.3.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch)
    * gstreamer-lang-1.20.1-150400.3.3.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libgstreamer-1_0-0-1.20.1-150400.3.3.1
    * gstreamer-1.20.1-150400.3.3.1
    * gstreamer-debugsource-1.20.1-150400.3.3.1
    * gstreamer-utils-1.20.1-150400.3.3.1
    * gstreamer-debuginfo-1.20.1-150400.3.3.1
    * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1
    * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1
    * gstreamer-devel-1.20.1-150400.3.3.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * gstreamer-lang-1.20.1-150400.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libgstreamer-1_0-0-1.20.1-150400.3.3.1
    * gstreamer-1.20.1-150400.3.3.1
    * gstreamer-debugsource-1.20.1-150400.3.3.1
    * gstreamer-utils-1.20.1-150400.3.3.1
    * gstreamer-debuginfo-1.20.1-150400.3.3.1
    * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1
    * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1
    * gstreamer-devel-1.20.1-150400.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * gstreamer-lang-1.20.1-150400.3.3.1
* SUSE Manager Proxy 4.3 (x86_64)
    * libgstreamer-1_0-0-1.20.1-150400.3.3.1
    * gstreamer-1.20.1-150400.3.3.1
    * gstreamer-debugsource-1.20.1-150400.3.3.1
    * gstreamer-utils-1.20.1-150400.3.3.1
    * gstreamer-debuginfo-1.20.1-150400.3.3.1
    * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1
    * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1
    * gstreamer-devel-1.20.1-150400.3.3.1
* SUSE Manager Proxy 4.3 (noarch)
    * gstreamer-lang-1.20.1-150400.3.3.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libgstreamer-1_0-0-1.20.1-150400.3.3.1
    * gstreamer-1.20.1-150400.3.3.1
    * gstreamer-debugsource-1.20.1-150400.3.3.1
    * gstreamer-utils-1.20.1-150400.3.3.1
    * gstreamer-debuginfo-1.20.1-150400.3.3.1
    * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1
    * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1
    * gstreamer-devel-1.20.1-150400.3.3.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
    * gstreamer-lang-1.20.1-150400.3.3.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libgstreamer-1_0-0-1.20.1-150400.3.3.1
    * gstreamer-1.20.1-150400.3.3.1
    * gstreamer-debugsource-1.20.1-150400.3.3.1
    * gstreamer-utils-1.20.1-150400.3.3.1
    * gstreamer-debuginfo-1.20.1-150400.3.3.1
    * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1
    * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1
    * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1
    * gstreamer-devel-1.20.1-150400.3.3.1
* SUSE Manager Server 4.3 (noarch)
    * gstreamer-lang-1.20.1-150400.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-47606.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234449

From null at suse.de Fri Jan 10 20:30:22 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 10 Jan 2025 20:30:22 -0000
Subject: SUSE-SU-2025:0069-1: important: Security update for gstreamer-plugins-base
Message-ID: <173654102275.13899.18261179900546533338@smelt2.prg2.suse.org>

# Security update for gstreamer-plugins-base

Announcement ID: SUSE-SU-2025:0069-1
Release Date: 2025-01-10T16:52:17Z
Rating: important

References:

* bsc#1234415
* bsc#1234450
* bsc#1234453
* bsc#1234455
* bsc#1234456
* bsc#1234459
* bsc#1234460

Cross-References:

* CVE-2024-47538
* CVE-2024-47541
* CVE-2024-47542
* CVE-2024-47600
* CVE-2024-47607
* CVE-2024-47615
* CVE-2024-47835

CVSS scores:

* CVE-2024-47538 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47538 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47538 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47541 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47541 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-47541 ( NVD ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47541 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47542 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47542 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47542 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47600 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-47600 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47600 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-47607 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47607 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47615 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47615 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47615 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47835 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-47835 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves seven vulnerabilities can now be installed.

## Description:

This update for gstreamer-plugins-base fixes the following issues:

* CVE-2024-47538: Fixed a stack-buffer overflow in vorbis_handle_identification_packet. (bsc#1234415)
* CVE-2024-47835: Fixed a NULL-pointer dereference in LRC subtitle parser. (bsc#1234450)
* CVE-2024-47600: Fixed an out-of-bounds read in gst-discoverer-1.0 commandline tool. (bsc#1234453)
* CVE-2024-47615: Fixed an out-of-bounds write in Ogg demuxer. (bsc#1234456)
* CVE-2024-47541: Fixed an out-of-bounds write in SSA subtitle parser. (bsc#1234459)
* CVE-2024-47542: Fixed an ID3v2 parser out-of-bounds read and NULL-pointer dereference. (bsc#1234460)
* CVE-2024-47607: Fixed a stack buffer-overflow in Opus decoder. (bsc#1234455)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4
    zypper in -t patch SUSE-2025-69=1
  * SUSE Linux Enterprise Micro for Rancher 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-69=1
  * SUSE Linux Enterprise Micro 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-69=1
  * SUSE Linux Enterprise Micro for Rancher 5.4
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-69=1
  * SUSE Linux Enterprise Micro 5.4
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-69=1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-69=1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-69=1
  * SUSE Linux Enterprise Desktop 15 SP4 LTSS
    zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-69=1
  * SUSE Linux Enterprise Server 15 SP4 LTSS
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-69=1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-69=1
  * SUSE Manager Proxy 4.3
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-69=1
  * SUSE Manager Retail Branch Server 4.3
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-69=1
  * SUSE Manager Server 4.3
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-69=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * gstreamer-plugins-base-1.20.1-150400.3.11.1
    * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1
    * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1
    * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1
    * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1
    * libgstriff-1_0-0-1.20.1-150400.3.11.1
    * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1
    * libgstfft-1_0-0-1.20.1-150400.3.11.1
    * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1
    * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1
    * libgstvideo-1_0-0-1.20.1-150400.3.11.1
    *
libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * openSUSE Leap 15.4 (x86_64) * libgstriff-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstapp-1_0-0-32bit-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-32bit-1.20.1-150400.3.11.1 * libgstapp-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstfft-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstgl-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-32bit-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-32bit-1.20.1-150400.3.11.1 * 
libgstrtp-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-32bit-1.20.1-150400.3.11.1 * gstreamer-plugins-base-32bit-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstriff-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstfft-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * openSUSE Leap 15.4 (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * openSUSE Leap 15.4 (aarch64_ilp32) * gstreamer-plugins-base-64bit-1.20.1-150400.3.11.1 * libgstapp-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstapp-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstfft-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-64bit-1.20.1-150400.3.11.1 * gstreamer-plugins-base-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstfft-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-64bit-1.20.1-150400.3.11.1 * libgsttag-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstriff-1_0-0-64bit-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-64bit-1.20.1-150400.3.11.1 * 
libgstaudio-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstriff-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstgl-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * 
libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * 
libgstapp-1_0-0-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * 
libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * 
gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * 
libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * 
gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * 
libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * SUSE Manager Proxy 4.3 (x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * 
libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Manager Proxy 4.3 (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * 
libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * 
libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1
    * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1
    * libgstrtp-1_0-0-1.20.1-150400.3.11.1
    * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1
    * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1
    * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1
    * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1
    * libgstrtsp-1_0-0-1.20.1-150400.3.11.1
    * libgstapp-1_0-0-1.20.1-150400.3.11.1
    * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1
    * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1
    * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1
    * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1
    * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1
    * libgstgl-1_0-0-1.20.1-150400.3.11.1
    * libgstpbutils-1_0-0-1.20.1-150400.3.11.1
    * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1
    * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1
    * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1
    * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1
    * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1
    * libgstallocators-1_0-0-1.20.1-150400.3.11.1
    * libgstsdp-1_0-0-1.20.1-150400.3.11.1
  * SUSE Manager Server 4.3 (noarch)
    * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-47538.html
  * https://www.suse.com/security/cve/CVE-2024-47541.html
  * https://www.suse.com/security/cve/CVE-2024-47542.html
  * https://www.suse.com/security/cve/CVE-2024-47600.html
  * https://www.suse.com/security/cve/CVE-2024-47607.html
  * https://www.suse.com/security/cve/CVE-2024-47615.html
  * https://www.suse.com/security/cve/CVE-2024-47835.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1234415
  * https://bugzilla.suse.com/show_bug.cgi?id=1234450
  * https://bugzilla.suse.com/show_bug.cgi?id=1234453
  * https://bugzilla.suse.com/show_bug.cgi?id=1234455
  * https://bugzilla.suse.com/show_bug.cgi?id=1234456
  * https://bugzilla.suse.com/show_bug.cgi?id=1234459
  * https://bugzilla.suse.com/show_bug.cgi?id=1234460

From null at suse.de Fri Jan 10 20:30:44 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 10 Jan 2025 20:30:44 -0000
Subject: SUSE-SU-2025:0067-1: important: Security update for gstreamer-plugins-good
Message-ID: <173654104444.13899.6417992977201219128@smelt2.prg2.suse.org>

# Security update for gstreamer-plugins-good

Announcement ID: SUSE-SU-2025:0067-1
Release Date: 2025-01-10T16:48:43Z
Rating: important

References:

  * bsc#1234414
  * bsc#1234417
  * bsc#1234421
  * bsc#1234424
  * bsc#1234425
  * bsc#1234426
  * bsc#1234427
  * bsc#1234428
  * bsc#1234432
  * bsc#1234433
  * bsc#1234434
  * bsc#1234435
  * bsc#1234436
  * bsc#1234439
  * bsc#1234440
  * bsc#1234446
  * bsc#1234447
  * bsc#1234449
  * bsc#1234462
  * bsc#1234473
  * bsc#1234476
  * bsc#1234477

Cross-References:

  * CVE-2024-47530
  * CVE-2024-47537
  * CVE-2024-47539
  * CVE-2024-47543
  * CVE-2024-47544
  * CVE-2024-47545
  * CVE-2024-47546
  * CVE-2024-47596
  * CVE-2024-47597
  * CVE-2024-47598
  * CVE-2024-47599
  * CVE-2024-47601
  * CVE-2024-47602
  * CVE-2024-47603
  * CVE-2024-47606
  * CVE-2024-47613
  * CVE-2024-47774
  * CVE-2024-47775
  * CVE-2024-47776
  * CVE-2024-47777
  * CVE-2024-47778
  * CVE-2024-47834

CVSS scores:

  * CVE-2024-47530 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2024-47530 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  * CVE-2024-47537 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-47537 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47537 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-47539 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-47539 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47539 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-47543 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-47543 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47543 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47544 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47544 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47544 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47545 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47545 ( NVD ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47545 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47546 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47546 ( NVD ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47546 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47596 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47596 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47597 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47597 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47597 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-47598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47598 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47598 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-47599 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47599 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47599 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47601 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47601 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47602 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47602 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47603 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47603 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47606 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-47606 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-47613 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47613 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47613 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-47774 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47774 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47774 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-47775 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47775 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47775 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-47776 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47776 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-47776 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-47777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47777 ( NVD ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47777 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47778 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47778 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47834 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47834 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 22 vulnerabilities can now be installed. ## Description: This update for gstreamer-plugins-good fixes the following issues: * CVE-2024-47530: Fixed an uninitialized stack memory in Matroska/WebM demuxer. (boo#1234421) * CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. (boo#1234414) * CVE-2024-47539: Fixed an out-of-bounds write in convert_to_s334_1a. (boo#1234417) * CVE-2024-47543: Fixed an out-of-bounds write in qtdemux_parse_container. 
(boo#1234462) * CVE-2024-47544: Fixed a NULL-pointer dereferences in MP4/MOV demuxer CENC handling. (boo#1234473) * CVE-2024-47545: Fixed an integer underflow in FOURCC_strf parsing leading to out-of-bounds read. (boo#1234476) * CVE-2024-47546: Fixed an integer underflow in extract_cc_from_data leading to out-of-bounds read. (boo#1234477) * CVE-2024-47596: Fixed an integer underflow in MP4/MOV demuxer that can lead to out-of-bounds reads. (boo#1234424) * CVE-2024-47597: Fixed an out-of-bounds reads in MP4/MOV demuxer sample table parser (boo#1234425) * CVE-2024-47598: Fixed MP4/MOV sample table parser out-of-bounds read. (boo#1234426) * CVE-2024-47599: Fixed insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences. (boo#1234427) * CVE-2024-47601: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234428) * CVE-2024-47602: Fixed a NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer. (boo#1234432) * CVE-2024-47603: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234433) * CVE-2024-47606: Avoid integer overflow when allocating sysmem. (bsc#1234449) * CVE-2024-47606: Fixed an integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. (boo#1234449) * CVE-2024-47613: Fixed a NULL-pointer dereference in gdk-pixbuf decoder. (boo#1234447) * CVE-2024-47774: Fixed an integer overflow in AVI subtitle parser that leads to out-of-bounds reads. (boo#1234446) * CVE-2024-47775: Fixed various out-of-bounds reads in WAV parser. (boo#1234434) * CVE-2024-47776: Fixed various out-of-bounds reads in WAV parser. (boo#1234435) * CVE-2024-47777: Fixed various out-of-bounds reads in WAV parser. (boo#1234436) * CVE-2024-47778: Fixed various out-of-bounds reads in WAV parser. (boo#1234439) * CVE-2024-47834: Fixed a use-after-free in the Matroska demuxer that can cause crashes for certain input files. 
(boo#1234440) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-67=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-67=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-67=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-67=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-67=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-67=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-67=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-67=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-67=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * gstreamer-plugins-good-gtk-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-qtqml-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-extra-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-jack-1.20.1-150400.3.9.1 * gstreamer-plugins-good-qtqml-1.20.1-150400.3.9.1 * gstreamer-plugins-good-extra-1.20.1-150400.3.9.1 * gstreamer-plugins-good-gtk-1.20.1-150400.3.9.1 * gstreamer-plugins-good-jack-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * openSUSE Leap 15.4 (x86_64) * gstreamer-plugins-good-jack-32bit-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-32bit-1.20.1-150400.3.9.1 * 
gstreamer-plugins-good-32bit-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-extra-32bit-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-jack-32bit-1.20.1-150400.3.9.1 * gstreamer-plugins-good-extra-32bit-1.20.1-150400.3.9.1 * openSUSE Leap 15.4 (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * openSUSE Leap 15.4 (aarch64_ilp32) * gstreamer-plugins-good-jack-64bit-1.20.1-150400.3.9.1 * gstreamer-plugins-good-extra-64bit-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-64bit-1.20.1-150400.3.9.1 * gstreamer-plugins-good-extra-64bit-1.20.1-150400.3.9.1 * gstreamer-plugins-good-64bit-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-jack-64bit-debuginfo-1.20.1-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Linux 
Enterprise Server 15 SP4 LTSS (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * SUSE Manager Proxy 4.3 (x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Manager Proxy 4.3 (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Manager Server 4.3 (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47530.html * https://www.suse.com/security/cve/CVE-2024-47537.html * https://www.suse.com/security/cve/CVE-2024-47539.html * https://www.suse.com/security/cve/CVE-2024-47543.html * https://www.suse.com/security/cve/CVE-2024-47544.html * https://www.suse.com/security/cve/CVE-2024-47545.html * https://www.suse.com/security/cve/CVE-2024-47546.html * https://www.suse.com/security/cve/CVE-2024-47596.html * https://www.suse.com/security/cve/CVE-2024-47597.html * https://www.suse.com/security/cve/CVE-2024-47598.html * https://www.suse.com/security/cve/CVE-2024-47599.html * https://www.suse.com/security/cve/CVE-2024-47601.html * 
https://www.suse.com/security/cve/CVE-2024-47602.html * https://www.suse.com/security/cve/CVE-2024-47603.html * https://www.suse.com/security/cve/CVE-2024-47606.html * https://www.suse.com/security/cve/CVE-2024-47613.html * https://www.suse.com/security/cve/CVE-2024-47774.html * https://www.suse.com/security/cve/CVE-2024-47775.html * https://www.suse.com/security/cve/CVE-2024-47776.html * https://www.suse.com/security/cve/CVE-2024-47777.html * https://www.suse.com/security/cve/CVE-2024-47778.html * https://www.suse.com/security/cve/CVE-2024-47834.html * https://bugzilla.suse.com/show_bug.cgi?id=1234414 * https://bugzilla.suse.com/show_bug.cgi?id=1234417 * https://bugzilla.suse.com/show_bug.cgi?id=1234421 * https://bugzilla.suse.com/show_bug.cgi?id=1234424 * https://bugzilla.suse.com/show_bug.cgi?id=1234425 * https://bugzilla.suse.com/show_bug.cgi?id=1234426 * https://bugzilla.suse.com/show_bug.cgi?id=1234427 * https://bugzilla.suse.com/show_bug.cgi?id=1234428 * https://bugzilla.suse.com/show_bug.cgi?id=1234432 * https://bugzilla.suse.com/show_bug.cgi?id=1234433 * https://bugzilla.suse.com/show_bug.cgi?id=1234434 * https://bugzilla.suse.com/show_bug.cgi?id=1234435 * https://bugzilla.suse.com/show_bug.cgi?id=1234436 * https://bugzilla.suse.com/show_bug.cgi?id=1234439 * https://bugzilla.suse.com/show_bug.cgi?id=1234440 * https://bugzilla.suse.com/show_bug.cgi?id=1234446 * https://bugzilla.suse.com/show_bug.cgi?id=1234447 * https://bugzilla.suse.com/show_bug.cgi?id=1234449 * https://bugzilla.suse.com/show_bug.cgi?id=1234462 * https://bugzilla.suse.com/show_bug.cgi?id=1234473 * https://bugzilla.suse.com/show_bug.cgi?id=1234476 * https://bugzilla.suse.com/show_bug.cgi?id=1234477 -------------- next part -------------- An HTML attachment was scrubbed... 

From null at suse.de Mon Jan 13 16:30:06 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 13 Jan 2025 16:30:06 -0000
Subject: SUSE-SU-2025:0080-1: important: Security update for MozillaThunderbird
Message-ID: <173678580649.29428.2662989039136781603@smelt2.prg2.suse.org>

# Security update for MozillaThunderbird

Announcement ID: SUSE-SU-2025:0080-1
Release Date: 2025-01-13T15:31:02Z
Rating: important

References:

* bsc#1234991

Cross-References:

* CVE-2025-0237
* CVE-2025-0238
* CVE-2025-0239
* CVE-2025-0240
* CVE-2025-0241
* CVE-2025-0242
* CVE-2025-0243

CVSS scores:

* CVE-2025-0237 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-0237 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-0238 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-0238 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-0239 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-0239 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-0240 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-0240 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-0242 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-0242 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-0243 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-0243 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves seven vulnerabilities can now be installed.

## Description:

This update for MozillaThunderbird fixes the following issues:

Update to Mozilla Thunderbird ESR 128.6 (MFSA 2025-05, bsc#1234991)

Security fixes:

* CVE-2025-0237 (bmo#1915257) WebChannel APIs susceptible to confused deputy attack
* CVE-2025-0238 (bmo#1915535) Use-after-free when breaking lines in text
* CVE-2025-0239 (bmo#1929156) Alt-Svc ALPN validation failure when redirected
* CVE-2025-0240 (bmo#1929623) Compartment mismatch when parsing JavaScript JSON module
* CVE-2025-0241 (bmo#1933023) Memory corruption when using JavaScript Text Segmentation
* CVE-2025-0242 (bmo#1874523, bmo#1926454, bmo#1931873, bmo#1932169) Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6
* CVE-2025-0243 (bmo#1827142, bmo#1932783) Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6

Other fixes:

* fixed: New mail notification was not hidden after reading the new message (bmo#1920077)
* fixed: New mail notification could show for the wrong folder, causing repeated alerts (bmo#1926462)
* fixed: macOS shortcut CMD+1 did not restore the main window when it was minimized (bmo#1857953)
* fixed: Clicking the context menu "Reply" button resulted in "Reply-All" (bmo#1935883)
* fixed: Switching from "All", "Unread", and "Threads with unread" did not work (bmo#1921618)
* fixed: Downloading message headers from a newsgroup could cause a hang (bmo#1931661)
* fixed: Message list performance slow when many updates happened at once (bmo#1933104)
* fixed: "mailto:" links did not apply the compose format of the current identity (bmo#550414)
* fixed: Authentication failure of AUTH PLAIN or AUTH LOGIN did not fall back to USERPASS (bmo#1928026)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-80=1
* SUSE Package Hub 15 15-SP6
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-80=1
* SUSE Linux Enterprise Workstation Extension 15 SP6
  zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-80=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * MozillaThunderbird-128.6.0-150200.8.197.1
  * MozillaThunderbird-debuginfo-128.6.0-150200.8.197.1
  * MozillaThunderbird-debugsource-128.6.0-150200.8.197.1
  * MozillaThunderbird-translations-common-128.6.0-150200.8.197.1
  * MozillaThunderbird-translations-other-128.6.0-150200.8.197.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x)
  * MozillaThunderbird-128.6.0-150200.8.197.1
  * MozillaThunderbird-debuginfo-128.6.0-150200.8.197.1
  * MozillaThunderbird-debugsource-128.6.0-150200.8.197.1
  * MozillaThunderbird-translations-common-128.6.0-150200.8.197.1
  * MozillaThunderbird-translations-other-128.6.0-150200.8.197.1
* SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
  * MozillaThunderbird-128.6.0-150200.8.197.1
  * MozillaThunderbird-debuginfo-128.6.0-150200.8.197.1
  * MozillaThunderbird-debugsource-128.6.0-150200.8.197.1
  * MozillaThunderbird-translations-common-128.6.0-150200.8.197.1
  * MozillaThunderbird-translations-other-128.6.0-150200.8.197.1

## References:

* https://www.suse.com/security/cve/CVE-2025-0237.html
* https://www.suse.com/security/cve/CVE-2025-0238.html
* https://www.suse.com/security/cve/CVE-2025-0239.html
* https://www.suse.com/security/cve/CVE-2025-0240.html
* https://www.suse.com/security/cve/CVE-2025-0241.html
* https://www.suse.com/security/cve/CVE-2025-0242.html
* https://www.suse.com/security/cve/CVE-2025-0243.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234991

From null at suse.de Mon Jan 13 20:30:06 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 13 Jan 2025 20:30:06 -0000
Subject: SUSE-SU-2025:0081-1: important: Security update for redis
Message-ID: <173680020652.29410.3503320926508893546@smelt2.prg2.suse.org>

# Security update for redis

Announcement ID: SUSE-SU-2025:0081-1
Release Date: 2025-01-13T16:49:47Z
Rating: important

References:

* bsc#1231264
* bsc#1231265
* bsc#1235387

Cross-References:

* CVE-2024-31228
* CVE-2024-31449
* CVE-2024-46981

CVSS scores:

* CVE-2024-31228 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-31228 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-31449 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-31449 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46981 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46981 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46981 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves three vulnerabilities can now be installed.

## Description:

This update for redis fixes the following issues:

* CVE-2024-31228: Prevent unbounded recursive pattern matching. (bsc#1231265)
* CVE-2024-31449: Fixed an integer overflow bug in Lua bit_tohex. (bsc#1231264)
* CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution. (bsc#1235387)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-81=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2025-81=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-81=1
* SUSE Linux Enterprise Server 15 SP3 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-81=1

## Package List:

* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
  * redis-debugsource-6.0.14-150200.6.32.1
  * redis-6.0.14-150200.6.32.1
  * redis-debuginfo-6.0.14-150200.6.32.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
  * redis-debugsource-6.0.14-150200.6.32.1
  * redis-6.0.14-150200.6.32.1
  * redis-debuginfo-6.0.14-150200.6.32.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
  * redis-debugsource-6.0.14-150200.6.32.1
  * redis-6.0.14-150200.6.32.1
  * redis-debuginfo-6.0.14-150200.6.32.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
  * redis-debugsource-6.0.14-150200.6.32.1
  * redis-6.0.14-150200.6.32.1
  * redis-debuginfo-6.0.14-150200.6.32.1

## References:

* https://www.suse.com/security/cve/CVE-2024-31228.html
* https://www.suse.com/security/cve/CVE-2024-31449.html
* https://www.suse.com/security/cve/CVE-2024-46981.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231264
* https://bugzilla.suse.com/show_bug.cgi?id=1231265
* https://bugzilla.suse.com/show_bug.cgi?id=1235387
URL: From null at suse.de Tue Jan 14 08:30:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 Jan 2025 08:30:23 -0000 Subject: SUSE-SU-2025:0091-1: important: Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5) Message-ID: <173684342350.26244.16081887597389337894@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:0091-1 Release Date: 2025-01-14T07:33:42Z Rating: important References: * bsc#1210619 * bsc#1220537 * bsc#1223363 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225202 * bsc#1225211 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225819 * bsc#1226325 * bsc#1226337 * bsc#1228573 * bsc#1229273 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-46955 * CVE-2021-47378 * CVE-2021-47383 * CVE-2022-48686 * CVE-2022-48956 * CVE-2023-1829 * CVE-2023-52752 * CVE-2024-26828 * CVE-2024-26923 * CVE-2024-27398 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35949 * CVE-2024-35950 * CVE-2024-36964 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46955 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47378 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48686 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48686 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48686 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 
* SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 20 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_216 fixes several issues. The following security issues were fixed: * CVE-2022-48686: Fixed UAF when detecting digest errors (bsc#1226337). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537). 
* CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-91=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_216-default-9-8.6.1

## References:

* https://www.suse.com/security/cve/CVE-2021-46955.html
* https://www.suse.com/security/cve/CVE-2021-47378.html
* https://www.suse.com/security/cve/CVE-2021-47383.html
* https://www.suse.com/security/cve/CVE-2022-48686.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2023-1829.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35863.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35867.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1210619
* https://bugzilla.suse.com/show_bug.cgi?id=1220537
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225011
* https://bugzilla.suse.com/show_bug.cgi?id=1225012
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225202
* https://bugzilla.suse.com/show_bug.cgi?id=1225211
* https://bugzilla.suse.com/show_bug.cgi?id=1225309
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1225311
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1226337
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Tue Jan 14 08:30:38 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 14 Jan 2025 08:30:38 -0000
Subject: SUSE-SU-2025:0090-1: important: Security update for the Linux Kernel (Live Patch 59 for SLE 12 SP5)
Message-ID: <173684343829.26244.9870493255900797555@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 59 for SLE 12 SP5)

Announcement ID: SUSE-SU-2025:0090-1
Release Date: 2025-01-14T06:03:59Z
Rating: important

References:

* bsc#1229553
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2022-48956
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_225 fixes several issues.

The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-90=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_225-default-3-8.6.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Tue Jan 14 08:30:43 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 14 Jan 2025 08:30:43 -0000
Subject: SUSE-SU-2025:0089-1: important: Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5)
Message-ID: <173684344365.26244.8464563173582452320@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5)

Announcement ID: SUSE-SU-2025:0089-1
Release Date: 2025-01-14T06:03:50Z
Rating: important

References:

* bsc#1228573
* bsc#1229273
* bsc#1229553
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2022-48956
* CVE-2024-35949
* CVE-2024-41059
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_222 fixes several issues.
The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-89=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_222-default-4-8.6.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Tue Jan 14 08:30:46 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 14 Jan 2025 08:30:46 -0000
Subject: SUSE-SU-2025:0085-1: important: Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)
Message-ID: <173684344654.26244.12195272844984919996@smelt2.prg2.suse.org>

# Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0085-1
Release Date: 2025-01-14T03:33:49Z
Rating: important

References:

* bsc#1225819
* bsc#1233712

Cross-References:

* CVE-2023-52752
* CVE-2024-50264

CVSS scores:

* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_10_8 fixes several issues.

The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-85=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
  * kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo-3-150600.1.6.1
  * kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource-3-150600.1.6.1
  * kernel-livepatch-6_4_0-150600_10_8-rt-3-150600.1.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Tue Jan 14 08:30:52 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 14 Jan 2025 08:30:52 -0000
Subject: SUSE-SU-2025:0084-1: important: Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
Message-ID: <173684345278.26244.11571075746096006448@smelt2.prg2.suse.org>

# Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0084-1
Release Date: 2025-01-14T03:33:44Z
Rating: important

References:

* bsc#1225819
* bsc#1228349
* bsc#1228786
* bsc#1229273
* bsc#1229553
* bsc#1233712

Cross-References:

* CVE-2023-52752
* CVE-2024-35949
* CVE-2024-40909
* CVE-2024-40954
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_10_5 fixes several issues.

The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
* CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-84=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
  * kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource-6-150600.1.8.1
  * kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1
  * kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo-6-150600.1.8.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-40909.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1228349
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Tue Jan 14 08:30:56 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 14 Jan 2025 08:30:56 -0000
Subject: SUSE-SU-2025:0083-1: important: Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)
Message-ID: <173684345623.26244.11840922043974082899@smelt2.prg2.suse.org>

# Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0083-1
Release Date: 2025-01-14T03:34:05Z
Rating: important

References:

* bsc#1233712

Cross-References:

* CVE-2024-50264

CVSS scores:

* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_10_17 fixes one issue.

The following security issue was fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-83=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-86=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-87=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-88=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
  * kernel-livepatch-6_4_0-150600_8-rt-7-150600.3.1
  * kernel-livepatch-SLE15-SP6-RT_Update_0-debugsource-7-150600.3.1
  * kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo-2-150600.1.6.1
  * kernel-livepatch-6_4_0-150600_10_11-rt-3-150600.1.6.1
  * kernel-livepatch-SLE15-SP6-RT_Update_3-debugsource-3-150600.1.6.1
  * kernel-livepatch-6_4_0-150600_10_17-rt-2-150600.1.6.1
  * kernel-livepatch-6_4_0-150600_10_11-rt-debuginfo-3-150600.1.6.1
  * kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource-2-150600.1.6.1
  * kernel-livepatch-6_4_0-150600_10_14-rt-2-150600.1.6.1
  * kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource-2-150600.1.6.1
  * kernel-livepatch-6_4_0-150600_8-rt-debuginfo-7-150600.3.1
  * kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo-2-150600.1.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Tue Jan 14 16:30:11 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 14 Jan 2025 16:30:11 -0000
Subject: SUSE-SU-2025:0098-1: important: Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3)
Message-ID: <173687221187.29410.5873065073666288345@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0098-1
Release Date: 2025-01-14T15:33:35Z
Rating: important

References:

* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2022-48956
* CVE-2024-50264

CVSS scores:

* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_150 fixes several issues.

The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2025-98=1 SUSE-2025-99=1
* SUSE Linux Enterprise Live Patching 15-SP3
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-98=1 SUSE-SLE-Module-Live-Patching-15-SP3-2025-99=1

## Package List:

* openSUSE Leap 15.3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_150-default-14-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_150-default-debuginfo-14-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1
  * kernel-livepatch-SLE15-SP3_Update_41-debugsource-14-150300.2.1
  * kernel-livepatch-SLE15-SP3_Update_40-debugsource-15-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_147-default-debuginfo-15-150300.2.1
* openSUSE Leap 15.3 (x86_64)
  * kernel-livepatch-5_3_18-150300_59_147-preempt-debuginfo-15-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_150-preempt-debuginfo-14-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_147-preempt-15-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_150-preempt-14-150300.2.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_150-default-14-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Tue Jan 14 16:30:24 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 14 Jan 2025 16:30:24 -0000
Subject: SUSE-SU-2025:0097-1: important: Security update for the Linux Kernel (Live Patch 57 for SLE 12 SP5)
Message-ID: <173687222420.29410.9812558521239563779@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 57 for SLE 12 SP5)

Announcement ID: SUSE-SU-2025:0097-1
Release Date: 2025-01-14T14:33:29Z
Rating: important

References:

* bsc#1223683
* bsc#1225011
* bsc#1225012
* bsc#1225309
* bsc#1225310
* bsc#1225311
* bsc#1225819
* bsc#1226325
* bsc#1228573
* bsc#1229273
* bsc#1229553
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2022-48956
* CVE-2023-52752
* CVE-2024-26923
* CVE-2024-35862
* CVE-2024-35863
* CVE-2024-35864
* CVE-2024-35867
* CVE-2024-35949
* CVE-2024-35950
* CVE-2024-36964
* CVE-2024-41059
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 13 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_219 fixes several issues.

The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
* CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-97=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_219-default-6-8.6.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35863.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35867.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225011
* https://bugzilla.suse.com/show_bug.cgi?id=1225012
* https://bugzilla.suse.com/show_bug.cgi?id=1225309
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1225311
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Tue Jan 14 16:30:27 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 14 Jan 2025 16:30:27 -0000
Subject: SUSE-SU-2025:0094-1: important: Security update for the Linux Kernel (Live Patch 52 for SLE 12 SP5)
Message-ID: <173687222765.29410.4802581418894852324@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 52 for SLE 12 SP5)

Announcement ID: SUSE-SU-2025:0094-1
Release Date: 2025-01-14T14:04:38Z
Rating: important

References:

* bsc#1226337
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2022-48686
* CVE-2022-48956
* CVE-2024-50264

CVSS scores:

* CVE-2022-48686 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48686 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48686 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_189 fixes several issues.
The following security issues were fixed:

* CVE-2022-48686: Fixed UAF when detecting digest errors (bsc#1226337).
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-94=1 SUSE-SLE-Live-Patching-12-SP5-2025-95=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_189-default-14-2.1
  * kgraft-patch-4_12_14-122_186-default-15-2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48686.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226337
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Tue Jan 14 16:30:30 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 14 Jan 2025 16:30:30 -0000
Subject: SUSE-SU-2025:0096-1: important: Security update for webkit2gtk3
Message-ID: <173687223066.29410.16413101402860338640@smelt2.prg2.suse.org>

# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2025:0096-1
Release Date: 2025-01-14T14:13:16Z
Rating: important

References:

* bsc#1234851

Cross-References:

* CVE-2024-40866
* CVE-2024-44185
* CVE-2024-44187
* CVE-2024-44308
* CVE-2024-44309
* CVE-2024-54479
* CVE-2024-54502
* CVE-2024-54505
* CVE-2024-54508
* CVE-2024-54534

CVSS scores:

* CVE-2024-40866 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
* CVE-2024-40866 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
* CVE-2024-44185 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-44185 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-44187 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2024-44187 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2024-44308 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-44308 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-44308 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-44309 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2024-44309 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2024-44309 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-54479 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-54479 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-54479 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-54479 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-54502 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-54502 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-54502 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-54502 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-54505 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2024-54505 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
* CVE-2024-54505 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-54505 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-54508 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-54508 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-54508 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-54508 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-54534 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-54534 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-54534 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-54534 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves 10 vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.46.5 (bsc#1234851):

Security fixes:

* CVE-2024-54479: Processing maliciously crafted web content may lead to an unexpected process crash
* CVE-2024-54502: Processing maliciously crafted web content may lead to an unexpected process crash
* CVE-2024-54505: Processing maliciously crafted web content may lead to memory corruption
* CVE-2024-54508: Processing maliciously crafted web content may lead to an unexpected process crash
* CVE-2024-54534: Processing maliciously crafted web content may lead to memory corruption

Other fixes:

* Fix the build with GBM and release logs disabled.
* Fix several crashes and rendering issues.
* Improve memory consumption and performance of Canvas getImageData.
* Fix preserve-3D intersection rendering.
* Fix video dimensions since GStreamer 1.24.9.
* Fix the HTTP-based remote Web Inspector not loading in Chromium.
* Fix content filters not working on about:blank iframes.
* Fix several crashes and rendering issues.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-96=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-96=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-96=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-96=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-96=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-96=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-96=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-96=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-96=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-96=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-96=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-96=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-96=1 ## Package List: * SUSE Manager Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 *
typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * openSUSE Leap 15.4 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-minibrowser-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * webkit-jsc-4.1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-minibrowser-debuginfo-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-minibrowser-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * webkit2gtk4-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.5-150400.4.103.1 * webkit-jsc-4-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit-jsc-6.0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * 
typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit-jsc-6.0-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-minibrowser-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk4-minibrowser-2.46.5-150400.4.103.1 * typelib-1_0-WebKit-6_0-2.46.5-150400.4.103.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * webkit-jsc-4-debuginfo-2.46.5-150400.4.103.1 * webkit-jsc-4.1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-6_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * openSUSE Leap 15.4 (x86_64) * libjavascriptcoregtk-4_1-0-32bit-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-32bit-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-32bit-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-32bit-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.5-150400.4.103.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libwebkit2gtk-4_0-37-64bit-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-64bit-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-64bit-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-64bit-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * 
WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * 
webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * 
libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * 
libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * 
libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * 
webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * 
webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * 
typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Manager Proxy 4.3 (noarch) * 
WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * SUSE Manager Proxy 4.3 (x86_64) * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40866.html * https://www.suse.com/security/cve/CVE-2024-44185.html * https://www.suse.com/security/cve/CVE-2024-44187.html * https://www.suse.com/security/cve/CVE-2024-44308.html * https://www.suse.com/security/cve/CVE-2024-44309.html * https://www.suse.com/security/cve/CVE-2024-54479.html * https://www.suse.com/security/cve/CVE-2024-54502.html * https://www.suse.com/security/cve/CVE-2024-54505.html * https://www.suse.com/security/cve/CVE-2024-54508.html * https://www.suse.com/security/cve/CVE-2024-54534.html * 
https://bugzilla.suse.com/show_bug.cgi?id=1234851

From null at suse.de Tue Jan 14 20:30:35 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 Jan 2025 20:30:35 -0000 Subject: SUSE-SU-2025:0109-1: important: Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4) Message-ID: <173688663555.29410.7815732537655759941@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0109-1 Release Date: 2025-01-14T19:04:14Z Rating: important References: * bsc#1220145 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223681 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225313 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226325 * bsc#1226327 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229553 * bsc#1231353 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47598 * CVE-2022-48651 * CVE-2022-48662 * CVE-2022-48956 * CVE-2023-52502 * CVE-2023-52752 * CVE-2023-52846 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26766 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-35950 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-40954 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H *
CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE 
Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 31 vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_111 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). 
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-109=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-109=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_24-debugsource-10-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-10-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_111-default-10-150400.9.6.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_24-debugsource-10-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-10-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_111-default-10-150400.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * 
https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * 
https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1231353 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Tue Jan 14 20:30:40 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 Jan 2025 20:30:40 -0000 Subject: SUSE-SU-2025:0108-1: important: Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4) Message-ID: <173688664025.29410.11050136917056964465@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0108-1 Release Date: 2025-01-14T19:04:03Z Rating: important References: * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2022-48956 * CVE-2024-50264 CVSS scores: * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_103 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-108=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-108=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_103-default-13-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_22-debugsource-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-13-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_103-default-13-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_22-debugsource-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-13-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Tue Jan 14 20:31:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 Jan 2025 20:31:08 -0000 Subject: SUSE-SU-2025:0107-1: important: Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4) Message-ID: <173688666814.29410.11080708021635984105@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0107-1 Release Date: 2025-01-14T18:33:38Z Rating: important References: * bsc#1219296 * bsc#1220145 * bsc#1220211 * bsc#1220828 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223681 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225313 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226325 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229553 * bsc#1231353 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47598 * CVE-2022-48651 * CVE-2022-48662 * CVE-2022-48956 * CVE-2023-52340 * CVE-2023-52502 * CVE-2023-52752 * CVE-2023-52846 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26622 * CVE-2024-26766 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35950 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-40954 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52340 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 33 vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_108 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). 
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220211). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (). 
* CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-107=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-107=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-12-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_108-default-12-150400.9.8.1 * kernel-livepatch-SLE15-SP4_Update_23-debugsource-12-150400.9.8.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-12-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_108-default-12-150400.9.8.1 * kernel-livepatch-SLE15-SP4_Update_23-debugsource-12-150400.9.8.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * 
https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1231353 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Tue Jan 14 20:31:29 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 Jan 2025 20:31:29 -0000 Subject: SUSE-SU-2025:0106-1: important: Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3) Message-ID: <173688668951.29410.9249563347157228226@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0106-1 Release Date: 2025-01-14T18:33:29Z Rating: important References: * bsc#1210619 * bsc#1220145 * bsc#1220537 * bsc#1221302 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223683 * bsc#1225013 * bsc#1225202 * bsc#1225211 * bsc#1225302 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225733 * bsc#1225819 * bsc#1226325 * bsc#1227471 * bsc#1227651 * bsc#1228573 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-46955 * CVE-2021-47291 * CVE-2021-47378 * CVE-2021-47383 * CVE-2021-47402 * CVE-2021-47598 * CVE-2022-48651 * CVE-2022-48956 * CVE-2023-1829 * CVE-2023-52752 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-27398 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35950 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-41059 * 
CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46955 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47291 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47291 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47378 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47402 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47402 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves 25 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_158 fixes several issues. 
The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651). * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301) * CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). 
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
* CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2025-106=1
* SUSE Linux Enterprise Live Patching 15-SP3
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-106=1

## Package List:

* openSUSE Leap 15.3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_158-default-debuginfo-10-150300.7.6.1
  * kernel-livepatch-SLE15-SP3_Update_43-debugsource-10-150300.7.6.1
* openSUSE Leap 15.3 (x86_64)
  * kernel-livepatch-5_3_18-150300_59_158-preempt-10-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo-10-150300.7.6.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1

## References:

* https://www.suse.com/security/cve/CVE-2021-46955.html
* https://www.suse.com/security/cve/CVE-2021-47291.html
* https://www.suse.com/security/cve/CVE-2021-47378.html
* https://www.suse.com/security/cve/CVE-2021-47383.html
* https://www.suse.com/security/cve/CVE-2021-47402.html
* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2023-1829.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36904.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1210619
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1220537
* https://bugzilla.suse.com/show_bug.cgi?id=1221302
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225202
* https://bugzilla.suse.com/show_bug.cgi?id=1225211
* https://bugzilla.suse.com/show_bug.cgi?id=1225302
* https://bugzilla.suse.com/show_bug.cgi?id=1225309
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1225311
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225733
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1227471
* https://bugzilla.suse.com/show_bug.cgi?id=1227651
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Tue Jan 14 20:31:37 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 14 Jan 2025 20:31:37 -0000
Subject: SUSE-SU-2025:0105-1: important: Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)
Message-ID: <173688669796.29410.10642977451615356515@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0105-1
Release Date: 2025-01-14T18:04:13Z
Rating: important

References:

* bsc#1227471
* bsc#1227651
* bsc#1228573
* bsc#1229553
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2021-47291
* CVE-2021-47598
* CVE-2022-48956
* CVE-2024-41059
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2021-47291 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47291 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_167 fixes several issues.

The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
* CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651).
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2025-105=1
* SUSE Linux Enterprise Live Patching 15-SP3
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-105=1

## Package List:

* openSUSE Leap 15.3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_167-default-debuginfo-5-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_167-default-5-150300.7.6.1
  * kernel-livepatch-SLE15-SP3_Update_46-debugsource-5-150300.7.6.1
* openSUSE Leap 15.3 (x86_64)
  * kernel-livepatch-5_3_18-150300_59_167-preempt-debuginfo-5-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_167-preempt-5-150300.7.6.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_167-default-5-150300.7.6.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47291.html
* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227471
* https://bugzilla.suse.com/show_bug.cgi?id=1227651
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Tue Jan 14 20:31:59 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 14 Jan 2025 20:31:59 -0000
Subject: SUSE-SU-2025:0103-1: important: Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)
Message-ID: <173688671962.29410.15563198146596941776@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)

Announcement ID: SUSE-SU-2025:0103-1
Release Date: 2025-01-14T17:33:28Z
Rating: important

References:

* bsc#1210619
* bsc#1220145
* bsc#1220537
* bsc#1222685
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223681
* bsc#1223683
* bsc#1225011
* bsc#1225012
* bsc#1225013
* bsc#1225202
* bsc#1225211
* bsc#1225309
* bsc#1225310
* bsc#1225311
* bsc#1225819
* bsc#1226325
* bsc#1226337
* bsc#1228573
* bsc#1229273
* bsc#1229553
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2021-46955
* CVE-2021-47378
* CVE-2021-47383
* CVE-2022-48651
* CVE-2022-48686
* CVE-2022-48956
* CVE-2023-1829
* CVE-2023-52752
* CVE-2023-6546
* CVE-2024-23307
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930
* CVE-2024-27398
* CVE-2024-35862
* CVE-2024-35863
* CVE-2024-35864
* CVE-2024-35867
* CVE-2024-35949
* CVE-2024-35950
* CVE-2024-36964
* CVE-2024-41059
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-46955 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47378 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48686 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48686 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48686 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 25 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_201 fixes several issues.

The following security issues were fixed:

* CVE-2022-48686: Fixed UAF when detecting digest errors (bsc#1226337).
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
* CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
* CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
* CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).
* CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-103=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_201-default-11-8.10.1

## References:

* https://www.suse.com/security/cve/CVE-2021-46955.html
* https://www.suse.com/security/cve/CVE-2021-47378.html
* https://www.suse.com/security/cve/CVE-2021-47383.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48686.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2023-1829.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35863.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35867.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1210619
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1220537
* https://bugzilla.suse.com/show_bug.cgi?id=1222685
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225011
* https://bugzilla.suse.com/show_bug.cgi?id=1225012
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225202
* https://bugzilla.suse.com/show_bug.cgi?id=1225211
* https://bugzilla.suse.com/show_bug.cgi?id=1225309
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1225311
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1226337
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Tue Jan 14 20:32:22 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 14 Jan 2025 20:32:22 -0000
Subject: SUSE-SU-2025:0101-1: important: Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)
Message-ID: <173688674202.29410.8659829888466087319@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0101-1
Release Date: 2025-01-14T17:04:00Z
Rating: important

References:

* bsc#1210619
* bsc#1218487
* bsc#1220145
* bsc#1220537
* bsc#1221302
* bsc#1222685
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223683
* bsc#1225013
* bsc#1225202
* bsc#1225211
* bsc#1225302
* bsc#1225309
* bsc#1225310
* bsc#1225311
* bsc#1225312
* bsc#1225733
* bsc#1225819
* bsc#1226325
* bsc#1227471
* bsc#1227651
* bsc#1228573
* bsc#1229553
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2021-46955
* CVE-2021-47291
* CVE-2021-47378
* CVE-2021-47383
* CVE-2021-47402
* CVE-2021-47598
* CVE-2022-48651
* CVE-2022-48956
* CVE-2023-1829
* CVE-2023-52752
* CVE-2023-6531
* CVE-2023-6546
* CVE-2024-23307
* CVE-2024-26610
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-27398
* CVE-2024-35861
* CVE-2024-35862
* CVE-2024-35864
* CVE-2024-35950
* CVE-2024-36904
* CVE-2024-36964
* CVE-2024-41059
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-46955 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47291 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47291 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47378 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47402 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47402 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves 27 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_153 fixes several issues.

The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
* CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651).
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
* CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301)
* CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
* CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).
* CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on (bsc#1218487).
* CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2025-101=1
* SUSE Linux Enterprise Live Patching 15-SP3
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-101=1

## Package List:

* openSUSE Leap 15.3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_153-default-11-150300.7.6.1
  * kernel-livepatch-SLE15-SP3_Update_42-debugsource-11-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_153-default-debuginfo-11-150300.7.6.1
* openSUSE Leap 15.3 (x86_64)
  * kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo-11-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_153-preempt-11-150300.7.6.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_153-default-11-150300.7.6.1

## References:

* https://www.suse.com/security/cve/CVE-2021-46955.html
* https://www.suse.com/security/cve/CVE-2021-47291.html
* https://www.suse.com/security/cve/CVE-2021-47378.html
* https://www.suse.com/security/cve/CVE-2021-47383.html
* https://www.suse.com/security/cve/CVE-2021-47402.html
* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2023-1829.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-6531.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36904.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1210619
* https://bugzilla.suse.com/show_bug.cgi?id=1218487
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1220537
* https://bugzilla.suse.com/show_bug.cgi?id=1221302
* https://bugzilla.suse.com/show_bug.cgi?id=1222685
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225202
* https://bugzilla.suse.com/show_bug.cgi?id=1225211
* https://bugzilla.suse.com/show_bug.cgi?id=1225302
* https://bugzilla.suse.com/show_bug.cgi?id=1225309
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1225311
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225733
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1227471
* https://bugzilla.suse.com/show_bug.cgi?id=1227651
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Tue Jan 14 20:32:25 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 14 Jan 2025 20:32:25 -0000
Subject: SUSE-SU-2025:0100-1: important: Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5)
Message-ID: <173688674587.29410.10264898244125425213@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5)

Announcement ID: SUSE-SU-2025:0100-1
Release Date: 2025-01-14T17:03:51Z
Rating: important

References:

* bsc#1226337
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2022-48686
* CVE-2022-48956
* CVE-2024-50264

CVSS scores:

* CVE-2022-48686 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48686 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48686 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_194 fixes several issues.

The following security issues were fixed:

* CVE-2022-48686: Fixed UAF when detecting digest errors (bsc#1226337).
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-100=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_194-default-12-2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48686.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226337
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Tue Jan 14 20:32:28 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 14 Jan 2025 20:32:28 -0000
Subject: SUSE-SU-2025:0104-1: important: Security update for webkit2gtk3
Message-ID: <173688674806.29410.329580855933180328@smelt2.prg2.suse.org>

# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2025:0104-1
Release Date: 2025-01-14T18:04:04Z
Rating: important

References:

* bsc#1234851

Cross-References:

* CVE-2024-40866
* CVE-2024-44185
* CVE-2024-44187
* CVE-2024-44308
* CVE-2024-44309
* CVE-2024-54479
* CVE-2024-54502
* CVE-2024-54505
* CVE-2024-54508
* CVE-2024-54534

CVSS scores:

* CVE-2024-40866 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
* CVE-2024-40866 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
* CVE-2024-44185 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-44185 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-44187 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2024-44187 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2024-44308 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-44308 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-44308 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-44309 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2024-44309 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2024-44309 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-54479 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-54479 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-54479 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-54479 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-54502 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-54502 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-54502 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-54502 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-54505 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2024-54505 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
* CVE-2024-54505 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-54505 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-54508 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-54508 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-54508 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-54508 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-54534 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-54534 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-54534 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-54534 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 10 vulnerabilities can now be installed.
## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.46.5 (bsc#1234851): Security fixes: * CVE-2024-54479: Processing maliciously crafted web content may lead to an unexpected process crash * CVE-2024-54502: Processing maliciously crafted web content may lead to an unexpected process crash * CVE-2024-54505: Processing maliciously crafted web content may lead to memory corruption * CVE-2024-54508: Processing maliciously crafted web content may lead to an unexpected process crash * CVE-2024-54534: Processing maliciously crafted web content may lead to memory corruption Other fixes: * Fix the build with GBM and release logs disabled. * Fix several crashes and rendering issues. * Improve memory consumption and performance of Canvas getImageData. * Fix preserve-3D intersection rendering. * Fix video dimensions since GStreamer 1.24.9. * Fix the HTTP-based remote Web Inspector not loading in Chromium. * Fix content filters not working on about:blank iframes. * Fix several crashes and rendering issues. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-104=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-104=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libwebkit2gtk-4_0-37-2.46.5-4.25.1 * webkit2gtk-4_0-injected-bundles-2.46.5-4.25.1 * libjavascriptcoregtk-4_0-18-2.46.5-4.25.1 * typelib-1_0-WebKit2-4_0-2.46.5-4.25.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-4.25.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-4.25.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-4.25.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-4.25.1 * webkit2gtk3-devel-2.46.5-4.25.1 * webkit2gtk3-debugsource-2.46.5-4.25.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * libwebkit2gtk3-lang-2.46.5-4.25.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-4.25.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libwebkit2gtk-4_0-37-2.46.5-4.25.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-4.25.1 * webkit2gtk-4_0-injected-bundles-2.46.5-4.25.1 * libjavascriptcoregtk-4_0-18-2.46.5-4.25.1 * typelib-1_0-WebKit2-4_0-2.46.5-4.25.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-4.25.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-4.25.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-4.25.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-4.25.1 * webkit2gtk3-devel-2.46.5-4.25.1 * webkit2gtk3-debugsource-2.46.5-4.25.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * libwebkit2gtk3-lang-2.46.5-4.25.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40866.html * https://www.suse.com/security/cve/CVE-2024-44185.html * https://www.suse.com/security/cve/CVE-2024-44187.html * https://www.suse.com/security/cve/CVE-2024-44308.html * 
https://www.suse.com/security/cve/CVE-2024-44309.html * https://www.suse.com/security/cve/CVE-2024-54479.html * https://www.suse.com/security/cve/CVE-2024-54502.html * https://www.suse.com/security/cve/CVE-2024-54505.html * https://www.suse.com/security/cve/CVE-2024-54508.html * https://www.suse.com/security/cve/CVE-2024-54534.html * https://bugzilla.suse.com/show_bug.cgi?id=1234851 From null at suse.de Tue Jan 14 20:32:31 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 Jan 2025 20:32:31 -0000 Subject: SUSE-SU-2025:0102-1: moderate: Security update for apache2-mod_jk Message-ID: <173688675172.29410.14414626817722998830@smelt2.prg2.suse.org> # Security update for apache2-mod_jk Announcement ID: SUSE-SU-2025:0102-1 Release Date: 2025-01-14T17:12:50Z Rating: moderate References: * bsc#1215301 * bsc#1230916 Cross-References: * CVE-2023-41081 * CVE-2024-46544 CVSS scores: * CVE-2023-41081 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2023-41081 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-41081 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-46544 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46544 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-46544 ( NVD ): 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for apache2-mod_jk fixes the following issues: * Update to version 1.2.50: * CVE-2024-46544: Fixed incorrect default permissions vulnerability that could lead to information disclosure and/or denial of service.
(bsc#1230916) * CVE-2023-41081: Fixed information disclosure in mod_jk. (bsc#1215301) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-102=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-102=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * apache2-mod_jk-1.2.50-150100.6.12.1 * apache2-mod_jk-debugsource-1.2.50-150100.6.12.1 * apache2-mod_jk-debuginfo-1.2.50-150100.6.12.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-mod_jk-1.2.50-150100.6.12.1 * apache2-mod_jk-debugsource-1.2.50-150100.6.12.1 * apache2-mod_jk-debuginfo-1.2.50-150100.6.12.1 ## References: * https://www.suse.com/security/cve/CVE-2023-41081.html * https://www.suse.com/security/cve/CVE-2024-46544.html * https://bugzilla.suse.com/show_bug.cgi?id=1215301 * https://bugzilla.suse.com/show_bug.cgi?id=1230916 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Wed Jan 15 08:30:34 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 08:30:34 -0000 Subject: SUSE-SU-2025:0115-1: important: Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5) Message-ID: <173692983405.29410.13470823458348342087@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0115-1 Release Date: 2025-01-15T07:03:58Z Rating: important References: * bsc#1220145 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223681 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225313 * bsc#1225429 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226325 * bsc#1226327 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229273 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47517 * CVE-2021-47598 * CVE-2022-48651 * CVE-2022-48662 * CVE-2022-48956 * CVE-2023-52502 * CVE-2023-52752 * CVE-2023-52846 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-35949 * CVE-2024-35950 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-40954 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE 
Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 32 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_52 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool (bsc#1225429). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-115=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-115=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_52-default-10-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-10-150500.11.6.1 * kernel-livepatch-SLE15-SP5_Update_11-debugsource-10-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_52-default-10-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-10-150500.11.6.1 * kernel-livepatch-SLE15-SP5_Update_11-debugsource-10-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47517.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * 
https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 * https://bugzilla.suse.com/show_bug.cgi?id=1225429 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * 
https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jan 15 08:30:54 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 08:30:54 -0000 Subject: SUSE-SU-2025:0114-1: important: Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5) Message-ID: <173692985426.29410.3875848876035348650@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0114-1 Release Date: 2025-01-15T04:04:02Z Rating: important References: * bsc#1221302 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225429 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226325 * bsc#1226327 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229273 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47517 * CVE-2021-47598 * CVE-2022-48651 * CVE-2022-48662 * CVE-2022-48956 * CVE-2023-52752 * CVE-2023-52846 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-27398 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-35949 * CVE-2024-35950 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-40954 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 27 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_59 fixes several issues. 
The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool (bsc#1225429). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-114=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-114=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_59-default-10-150500.11.10.1 * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-10-150500.11.10.1 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-10-150500.11.10.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_59-default-10-150500.11.10.1 * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-10-150500.11.10.1 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-10-150500.11.10.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47517.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * 
https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225429 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jan 15 08:30:57 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 08:30:57 -0000 Subject: SUSE-SU-2025:0112-1: important: Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Message-ID: <173692985766.29410.6376969496904292940@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0112-1 Release Date: 2025-01-14T21:34:10Z Rating: important References: * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2022-48956 * CVE-2024-50264 CVSS scores: * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_44 fixes several issues. 
The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2025-112=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-112=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_44-default-14-150500.2.1
  * kernel-livepatch-SLE15-SP5_Update_9-debugsource-14-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-14-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_44-default-14-150500.2.1
  * kernel-livepatch-SLE15-SP5_Update_9-debugsource-14-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-14-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
URL: From null at suse.de Wed Jan 15 08:34:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 08:34:19 -0000 Subject: SUSE-SU-2025:0111-1: important: Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4) Message-ID: <173693005914.9686.6635703113845284578@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0111-1 Release Date: Rating: important References: * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229553 * bsc#1231353 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47598 * CVE-2022-48956 * CVE-2024-40954 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux 
Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves six vulnerabilities and has one security fix can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_125 fixes several issues.

The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-111=1
* SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-111=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP4_Update_28-debugsource-5-150400.9.6.1
  * kernel-livepatch-5_14_21-150400_24_125-default-5-150400.9.6.1
  * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-5-150400.9.6.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP4_Update_28-debugsource-5-150400.9.6.1
  * kernel-livepatch-5_14_21-150400_24_125-default-5-150400.9.6.1
  * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-5-150400.9.6.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227471
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1231353
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
URL: From null at suse.de Wed Jan 15 08:34:34 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 08:34:34 -0000 Subject: SUSE-SU-2025:0110-1: important: Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4) Message-ID: <173693007487.9686.11959617071080467670@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0110-1 Release Date: 2025-01-14T20:34:37Z Rating: important References: * bsc#1223683 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226325 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229553 * bsc#1231353 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47598 * CVE-2022-48956 * CVE-2023-52752 * CVE-2023-52846 * CVE-2024-26923 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35950 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-40954 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 16 vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_122 fixes several issues. 
The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-110=1
* SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-110=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-7-150400.9.6.1
  * kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1
  * kernel-livepatch-SLE15-SP4_Update_27-debugsource-7-150400.9.6.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-7-150400.9.6.1
  * kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1
  * kernel-livepatch-SLE15-SP4_Update_27-debugsource-7-150400.9.6.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36904.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225309
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1225311
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
*
https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1231353 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jan 15 12:30:31 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 12:30:31 -0000 Subject: SUSE-SU-2025:0124-1: important: Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4) Message-ID: <173694423122.18685.11875597582993115848@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0124-1 Release Date: 2025-01-15T10:11:30Z Rating: important References: * bsc#1223059 * bsc#1223363 * bsc#1223681 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225313 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226325 * bsc#1226327 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229553 * bsc#1231353 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47598 * CVE-2022-48956 * CVE-2023-52752 * CVE-2023-52846 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-35950 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-40954 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 
* CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 24 vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_119 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). 
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
* CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).
* CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-124=1
* SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-124=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150400_24_119-default-9-150400.9.6.1
  * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-9-150400.9.6.1
  * kernel-livepatch-SLE15-SP4_Update_26-debugsource-9-150400.9.6.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150400_24_119-default-9-150400.9.6.1
  * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-9-150400.9.6.1
  * kernel-livepatch-SLE15-SP4_Update_26-debugsource-9-150400.9.6.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35817.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35863.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35867.html
* https://www.suse.com/security/cve/CVE-2024-35905.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
*
https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1231353 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Wed Jan 15 12:30:37 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 12:30:37 -0000 Subject: SUSE-SU-2025:0123-1: important: Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP4) Message-ID: <173694423700.18685.12824193773307215508@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0123-1 Release Date: 2025-01-15T10:11:17Z Rating: important References: * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2022-48956 * CVE-2024-50264 CVSS scores: * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_100 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-123=1
* SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-123=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP4_Update_21-debugsource-15-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_100-default-15-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_100-default-debuginfo-15-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP4_Update_21-debugsource-15-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_100-default-15-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_100-default-debuginfo-15-150400.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
URL: From null at suse.de Wed Jan 15 12:30:50 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 12:30:50 -0000 Subject: SUSE-SU-2025:0122-1: important: Security update for rsync Message-ID: <173694425062.18685.14790772508532211915@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0122-1 Release Date: 2025-01-15T09:09:53Z Rating: important References: * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 Cross-References: * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 CVSS scores: * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux 
Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities can now be installed. ## Description: This update for rsync fixes the following issues: * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2025-122=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-122=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-122=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-122=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-122=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-122=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-122=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-122=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-122=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-122=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2025-122=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2025-122=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-122=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-122=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-122=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-122=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-122=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * rsync-3.2.3-150400.3.12.1 *
rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Manager Proxy 4.3 (x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * 
rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104
From null at suse.de Wed Jan 15 12:30:57 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 12:30:57 -0000 Subject: SUSE-SU-2025:0121-1: important: Security update for rsync Message-ID: <173694425796.18685.5905973624350942009@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0121-1 Release Date: 2025-01-15T09:08:49Z Rating: important References: * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 Cross-References: * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 CVSS scores: * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves four
vulnerabilities can now be installed. ## Description: This update for rsync fixes the following issues: * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-121=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-121=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-121=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-121=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-121=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-121=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-121=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * 
rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104
From null at suse.de Wed Jan 15 12:31:02 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 12:31:02 -0000 Subject: SUSE-SU-2025:0120-1: important: Security update for rsync Message-ID: <173694426271.18685.17828624254930552220@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0120-1 Release Date: 2025-01-15T09:08:20Z Rating: important References: * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 Cross-References: * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 CVSS scores: * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed.
## Description: This update for rsync fixes the following issues: * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-120=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-120=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * rsync-debugsource-3.1.3-3.18.1 * rsync-debuginfo-3.1.3-3.18.1 * rsync-3.1.3-3.18.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * rsync-debugsource-3.1.3-3.18.1 * rsync-debuginfo-3.1.3-3.18.1 * rsync-3.1.3-3.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104
From null at suse.de Wed Jan 15 12:31:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 12:31:07 -0000 Subject: SUSE-SU-2025:0118-1: important: Security update for rsync Message-ID: <173694426732.18685.12927051751790700385@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0118-1 Release Date: 2025-01-15T09:08:02Z Rating: important References: * bsc#1234100 * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 Cross-References: * CVE-2024-12084 * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 CVSS scores: * CVE-2024-12084 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12084 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An
update that solves five vulnerabilities can now be installed. ## Description: This update for rsync fixes the following issues: * CVE-2024-12084: heap buffer overflow in checksum parsing. (bsc#1234100) * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-118=1 SUSE-2025-118=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-118=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * rsync-debuginfo-3.2.7-150600.3.4.1 * rsync-debugsource-3.2.7-150600.3.4.1 * rsync-3.2.7-150600.3.4.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * rsync-debuginfo-3.2.7-150600.3.4.1 * rsync-debugsource-3.2.7-150600.3.4.1 * rsync-3.2.7-150600.3.4.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12084.html * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://bugzilla.suse.com/show_bug.cgi?id=1234100 * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104
From null at suse.de Wed Jan 15 12:34:02 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 12:34:02 -0000 Subject: SUSE-SU-2025:0117-1: important: Security update for the Linux Kernel Message-ID: <173694444220.18685.10437812804711487668@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0117-1 Release Date: 2025-01-15T09:07:51Z Rating: important References: * bsc#1214954 * bsc#1216813 * bsc#1220773 * bsc#1224095 * bsc#1224726 * bsc#1225743 * bsc#1225758 * bsc#1225820 * bsc#1227445 * bsc#1228526 * bsc#1229809 * bsc#1230205 * bsc#1230413 * bsc#1230697 * bsc#1231854 * bsc#1231909 * bsc#1231963 * bsc#1232193 * bsc#1232198 * bsc#1232201 * bsc#1232418 * bsc#1232419 * bsc#1232420 * bsc#1232421 * bsc#1232436 * bsc#1233038 * bsc#1233070 * bsc#1233096 * bsc#1233200 * bsc#1233204 * bsc#1233239 * bsc#1233259 * bsc#1233260 * bsc#1233324 * bsc#1233328 * bsc#1233461 * bsc#1233467 * bsc#1233468 * bsc#1233469 * bsc#1233546 * bsc#1233558 * bsc#1233637 * bsc#1233642 * bsc#1233772 * bsc#1233837 * bsc#1234024 * bsc#1234069 * bsc#1234071 * bsc#1234073 * bsc#1234075 * bsc#1234076 * bsc#1234077 * bsc#1234079 * bsc#1234086 * bsc#1234139 * bsc#1234140 * bsc#1234141 * bsc#1234142 * bsc#1234143 * bsc#1234144 * bsc#1234145 * bsc#1234146 * bsc#1234147 * bsc#1234148 * bsc#1234149 * bsc#1234150 * bsc#1234153 * bsc#1234155 * bsc#1234156 * bsc#1234158 * bsc#1234159 * bsc#1234160 * bsc#1234161 * bsc#1234162 * bsc#1234163 * bsc#1234164 * bsc#1234165 * bsc#1234166 * bsc#1234167 * bsc#1234168 * bsc#1234169 * bsc#1234170 * bsc#1234171 * bsc#1234172 * bsc#1234173 * bsc#1234174 * bsc#1234175 * bsc#1234176 * bsc#1234177 * bsc#1234178 * bsc#1234179 * bsc#1234180 * bsc#1234181 * bsc#1234182 * bsc#1234183 * bsc#1234184 * bsc#1234185 * bsc#1234186 * bsc#1234187 * bsc#1234188 * bsc#1234189 * bsc#1234190 * bsc#1234191 * bsc#1234192 * bsc#1234193 * bsc#1234194 * bsc#1234195 * bsc#1234196 * bsc#1234197 * bsc#1234198 * bsc#1234199 *
bsc#1234200 * bsc#1234201 * bsc#1234203 * bsc#1234204 * bsc#1234205 * bsc#1234207 * bsc#1234208 * bsc#1234209 * bsc#1234219 * bsc#1234220 * bsc#1234221 * bsc#1234237 * bsc#1234238 * bsc#1234239 * bsc#1234240 * bsc#1234241 * bsc#1234242 * bsc#1234243 * bsc#1234278 * bsc#1234279 * bsc#1234280 * bsc#1234281 * bsc#1234282 * bsc#1234294 * bsc#1234338 * bsc#1234357 * bsc#1234381 * bsc#1234454 * bsc#1234464 * bsc#1234605 * bsc#1234651 * bsc#1234652 * bsc#1234654 * bsc#1234655 * bsc#1234657 * bsc#1234658 * bsc#1234659 * bsc#1234668 * bsc#1234690 * bsc#1234725 * bsc#1234726 * bsc#1234810 * bsc#1234811 * bsc#1234826 * bsc#1234827 * bsc#1234829 * bsc#1234832 * bsc#1234834 * bsc#1234843 * bsc#1234846 * bsc#1234848 * bsc#1234853 * bsc#1234855 * bsc#1234856 * bsc#1234884 * bsc#1234889 * bsc#1234891 * bsc#1234899 * bsc#1234900 * bsc#1234905 * bsc#1234907 * bsc#1234909 * bsc#1234911 * bsc#1234912 * bsc#1234916 * bsc#1234918 * bsc#1234920 * bsc#1234921 * bsc#1234922 * bsc#1234929 * bsc#1234930 * bsc#1234937 * bsc#1234948 * bsc#1234950 * bsc#1234952 * bsc#1234960 * bsc#1234962 * bsc#1234963 * bsc#1234968 * bsc#1234969 * bsc#1234970 * bsc#1234971 * bsc#1234973 * bsc#1234974 * bsc#1234989 * bsc#1234999 * bsc#1235002 * bsc#1235003 * bsc#1235004 * bsc#1235007 * bsc#1235009 * bsc#1235016 * bsc#1235019 * bsc#1235033 * bsc#1235045 * bsc#1235056 * bsc#1235061 * bsc#1235075 * bsc#1235108 * bsc#1235128 * bsc#1235134 * bsc#1235138 * bsc#1235246 * bsc#1235406 * bsc#1235409 * bsc#1235416 * bsc#1235507 * bsc#1235550 * jsc#PED-10467 Cross-References: * CVE-2024-26924 * CVE-2024-27397 * CVE-2024-35839 * CVE-2024-36908 * CVE-2024-36915 * CVE-2024-39480 * CVE-2024-41042 * CVE-2024-44934 * CVE-2024-44996 * CVE-2024-47678 * CVE-2024-49854 * CVE-2024-49884 * CVE-2024-49915 * CVE-2024-50016 * CVE-2024-50018 * CVE-2024-50039 * CVE-2024-50047 * CVE-2024-50143 * CVE-2024-50154 * CVE-2024-50202 * CVE-2024-50203 * CVE-2024-50211 * CVE-2024-50228 * CVE-2024-50256 * CVE-2024-50262 * CVE-2024-50272 * 
CVE-2024-50278 * CVE-2024-50279 * CVE-2024-50280 * CVE-2024-53050 * CVE-2024-53064 * CVE-2024-53090 * CVE-2024-53099 * CVE-2024-53103 * CVE-2024-53105 * CVE-2024-53111 * CVE-2024-53113 * CVE-2024-53117 * CVE-2024-53118 * CVE-2024-53119 * CVE-2024-53120 * CVE-2024-53122 * CVE-2024-53125 * CVE-2024-53126 * CVE-2024-53127 * CVE-2024-53129 * CVE-2024-53130 * CVE-2024-53131 * CVE-2024-53133 * CVE-2024-53134 * CVE-2024-53136 * CVE-2024-53141 * CVE-2024-53142 * CVE-2024-53144 * CVE-2024-53146 * CVE-2024-53148 * CVE-2024-53150 * CVE-2024-53151 * CVE-2024-53154 * CVE-2024-53155 * CVE-2024-53156 * CVE-2024-53157 * CVE-2024-53158 * CVE-2024-53159 * CVE-2024-53160 * CVE-2024-53161 * CVE-2024-53162 * CVE-2024-53166 * CVE-2024-53169 * CVE-2024-53171 * CVE-2024-53173 * CVE-2024-53174 * CVE-2024-53179 * CVE-2024-53180 * CVE-2024-53188 * CVE-2024-53190 * CVE-2024-53191 * CVE-2024-53200 * CVE-2024-53201 * CVE-2024-53202 * CVE-2024-53206 * CVE-2024-53207 * CVE-2024-53208 * CVE-2024-53209 * CVE-2024-53210 * CVE-2024-53213 * CVE-2024-53214 * CVE-2024-53215 * CVE-2024-53216 * CVE-2024-53217 * CVE-2024-53222 * CVE-2024-53224 * CVE-2024-53229 * CVE-2024-53234 * CVE-2024-53237 * CVE-2024-53240 * CVE-2024-53241 * CVE-2024-56536 * CVE-2024-56539 * CVE-2024-56549 * CVE-2024-56551 * CVE-2024-56562 * CVE-2024-56566 * CVE-2024-56567 * CVE-2024-56576 * CVE-2024-56582 * CVE-2024-56599 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56645 * CVE-2024-56667 * CVE-2024-56752 * CVE-2024-56754 * CVE-2024-56755 * CVE-2024-56756 * CVE-2024-8805 CVSS scores: * CVE-2024-26924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26924 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27397 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36908 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * 
CVE-2024-36915 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-39480 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L * CVE-2024-39480 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44996 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44996 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47678 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47678 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-49854 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49854 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49854 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49915 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49915 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50018 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50039 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50039 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50047 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50143 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50143 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50143 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50203 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50203 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50203 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50211 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50211 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50228 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-50228 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-50228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50256 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50256 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50262 ( SUSE ): 6.9 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50262 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50272 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50278 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2024-50278 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50279 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50279 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53050 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53099 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53099 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-53099 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53103 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53105 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53111 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53111 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H *
CVE-2024-53111 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53113 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53117 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53118 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53119 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53122 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53125 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53127 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53129 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53129 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53131 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53133 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53133 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53134 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53134 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53136 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53141 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53141 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53141 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53142 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53148 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53148 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53150 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53150 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53151 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53154 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53154 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53154 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53155 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53155 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * 
CVE-2024-53155 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53157 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53157 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-53159 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53159 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-53160 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53160 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53161 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53169 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53169 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53171 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53171 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53171 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53174 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53174 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53179 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53179 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53180 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53190 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-53190 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2024-53191 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53191 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53200 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53200 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53201 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53201 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53202 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53202 ( 
SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-53202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53206 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53206 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53207 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53207 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53208 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53208 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53209 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53209 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53210 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53213 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53213 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53213 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53215 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53216 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53216 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53217 ( SUSE ): 
6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53222 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53222 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53222 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53224 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53224 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53229 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53229 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53234 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53234 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53237 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53237 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53237 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53241 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53241 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56536 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56536 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56536 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56549 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56549 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56549 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56551 
( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56551 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56562 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56562 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56566 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56566 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2024-56567 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56567 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56567 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56576 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56582 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56582 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56582 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56599 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56599 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56599 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56645 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * 
CVE-2024-56645 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56667 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56667 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56752 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56752 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56754 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56754 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-56754 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56755 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56755 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56755 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56756 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56756 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-56756 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 116 vulnerabilities, contains one feature and has 103 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. 
The following security bugs were fixed: * CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820). * CVE-2024-27397: netfilter: nf_tables: use timestamp to check for set element timeout (bsc#1224095). * CVE-2024-35839: kABI fix for netfilter: bridge: replace physindev with physinif in nf_bridge_info (bsc#1224726). * CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). * CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526). * CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809). * CVE-2024-44996: vsock: fix recursive ->recvmsg calls (bsc#1230205). * CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854). * CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419). * CVE-2024-50039: kABI: Restore deleted EXPORT_SYMBOL(__qdisc_calculate_pkt_len) (bsc#1231909). * CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324). * CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200). * CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239). * CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized delayed_work on cache_ctr error (bsc#1233467). * CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467). * CVE-2024-53050: drm/i915/hdcp: Add encoder check in hdcp2_get_capability (bsc#1233546). * CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558). * CVE-2024-53090: afs: Fix lock recursion (bsc#1233637). * CVE-2024-53099: bpf: Check validity of link->type in bpf_link_show_fdinfo() (bsc#1233772). * CVE-2024-53105: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() (bsc#1234069). * CVE-2024-53111: mm/mremap: fix address wraparound in move_page_tables() (bsc#1234086). 
* CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077). * CVE-2024-53117: virtio/vsock: Improve MSG_ZEROCOPY error handling (bsc#1234079). * CVE-2024-53118: vsock: Fix sk_error_queue memory leak (bsc#1234071). * CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073). * CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156). * CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219). * CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220). * CVE-2024-53133: drm/amd/display: Handle dml allocation failure to avoid crash (bsc#1234221) * CVE-2024-53134: pmdomain: imx93-blk-ctrl: correct remove path (bsc#1234159). * CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381). * CVE-2024-53160: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu (bsc#1234810). * CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856). * CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). * CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). * CVE-2024-53216: nfsd: fix UAF when access ex_uuid or ex_stats (bsc#1235003). * CVE-2024-53222: zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974). * CVE-2024-53234: erofs: handle NONHEAD !delta[1] lclusters gracefully (bsc#1235045). * CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). * CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (bsc#1234282). * CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912). * CVE-2024-56566: mm/slub: Avoid list corruption when removing a slab from the full list (bsc#1235033). 
* CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235128). * CVE-2024-56599: wifi: ath10k: avoid NULL pointer error during sdio remove (bsc#1235138). * CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). * CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920). The following non-security bugs were fixed: * 9p: v9fs_fid_find: also lookup by inode if not found dentry (git-fixes). * accel/habanalabs: export dma-buf only if size/offset multiples of PAGE_SIZE (stable-fixes). * accel/habanalabs: fix debugfs files permissions (stable-fixes). * accel/habanalabs: increase HL_MAX_STR to 64 bytes to avoid warnings (stable-fixes). * accel/habanalabs/gaudi2: unsecure tpc count registers (stable-fixes). * acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (git-fixes). * ACPI: PRM: Add PRM handler direct call support (jsc#PED-10467). * ACPI: resource: Fix memory resource type union access (git-fixes). * ACPI: x86: Add skip i2c clients quirk for Acer Iconia One 8 A1-840 (stable-fixes). * ACPI: x86: Clean up Asus entries in acpi_quirk_skip_dmi_ids[] (stable-fixes). * ACPI: x86: Make UART skip quirks work on PCI UARTs without an UID (stable-fixes). * ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294) * ACPICA: events/evxfregn: do not release the ContextMutex that was never acquired (git-fixes). * af_unix: Call manage_oob() for every skb in unix_stream_read_generic() (bsc#1234725). * afs: Automatically generate trace tag enums (git-fixes). * afs: Fix missing subdir edit when renamed between parent dirs (git-fixes). * ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes). * ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes). * ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes). * ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
* ALSA: hda/realtek: Fix headset mic on Acer Nitro 5 (stable-fixes). * ALSA: line6: Fix racy access to midibuf (stable-fixes). * ALSA: seq: Check UMP support for midi_version change (git-fixes). * ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes). * ALSA: seq: ump: Fix seq port updates per FB info notify (git-fixes). * ALSA: seq: ump: Use automatic cleanup of kfree() (stable-fixes). * ALSA: seq: ump: Use guard() for locking (stable-fixes). * ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5 (stable-fixes). * ALSA: usb-audio: Notify xrun for low-latency mode (git-fixes). * ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes). * ALSA: usb-audio: US16x08: Initialize array before use (git-fixes). * amdgpu/uvd: get ring reference from rq scheduler (git-fixes). * arch: consolidate arch_irq_work_raise prototypes (git-fixes). * arch: Introduce arch_{,try_}_cmpxchg128{,_local}() (bsc#1220773). * arch: Remove cmpxchg_double (bsc#1220773). * arm64: dts: imx8mp: correct sdhc ipg clk (git-fixes). * arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605) * arm64: Force position-independent veneers (git-fixes). * ASoC: amd: yc: Add a quirk for microfone on Lenovo ThinkPad P14s Gen 5 21MES00B00 (stable-fixes). * ASoC: amd: yc: Add quirk for microphone on Lenovo Thinkpad T14s Gen 6 21M1CTO1WW (stable-fixes). * ASoC: amd: yc: fix internal mic on Redmi G 2022 (stable-fixes). * ASoC: amd: yc: Fix the wrong return value (git-fixes). * ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes). * ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes). * ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes). * ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes). 
* ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes). * ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes). * ASoC: hdmi-codec: reorder channel allocation list (stable-fixes). * ASoC: Intel: sof_sdw: add quirk for Dell SKU 0B8C (stable-fixes). * ASoC: Intel: sof_sdw: fix jack detection on ADL-N variant RVP (stable-fixes). * ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes). * ASoC: nau8822: Lower debug print priority (stable-fixes). * ASoC: SOF: Remove libraries from topology lookups (git-fixes). * autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes). * batman-adv: Do not let TT changes list grows indefinitely (git-fixes). * batman-adv: Do not send uninitialized TT changes (git-fixes). * batman-adv: Remove uninitialized data in full table TT response (git-fixes). * blk-cgroup: Fix UAF in blkcg_unpin_online() (bsc#1234726). * blk-core: use pr_warn_ratelimited() in bio_check_ro() (bsc#1234139). * blk-iocost: do not WARN if iocg was already offlined (bsc#1234147). * blk-iocost: Fix an UBSAN shift-out-of-bounds warning (bsc#1234144). * blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock required!" (bsc#1234140). * block, bfq: choose the last bfqq from merge chain in bfq_setup_cooperator() (bsc#1234149). * block, bfq: do not break merge chain in bfq_split_bfqq() (bsc#1234150). * block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234160). * block, bfq: fix procress reference leakage for bfqq in merge chain (bsc#1234280). * block, bfq: fix uaf for accessing waker_bfqq after splitting (bsc#1234279). * block: Call .limit_depth() after .hctx has been set (bsc#1234148). * block: Fix where bio IO priority gets set (bsc#1234145). * block: prevent an integer overflow in bvec_try_merge_hw_page (bsc#1234142). * block: update the stable_writes flag in bdev_add (bsc#1234141). * block/mq-deadline: Fix the tag reservation code (bsc#1234148).
* Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device tables (stable-fixes). * Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}() (stable-fixes). * Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (stable-fixes). * Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating (git-fixes). * Bluetooth: iso: Fix recursive locking warning (git-fixes). * Bluetooth: ISO: Reassociate a socket with an active BIS (stable-fixes). * Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (stable-fixes). * Bluetooth: MGMT: Fix possible deadlocks (git-fixes). * Bluetooth: SCO: Add support for 16 bits transparent voice setting (git-fixes). * bnxt_en: Fix receive ring space parameters when XDP is active (git-fixes). * bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (git-fixes). * bnxt_en: Set backplane link modes correctly for ethtool (git-fixes). * bpf, x86: Fix PROBE_MEM runtime load check (git-fixes). * bpf: verifier: prevent userspace memory access (git-fixes). * btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128) * can: gs_usb: add VID/PID for Xylanta SAINT3 product family (stable-fixes). * can: j1939: fix error in J1939 documentation (stable-fixes). * checkpatch: always parse orig_commit in fixes tag (git-fixes). * checkpatch: check for missing Fixes tags (stable-fixes). * clocksource/drivers:sp804: Make user selectable (git-fixes). * clocksource/drivers/timer-ti-dm: Fix child node refcount handling (git-fixes). * counter: stm32-timer-cnt: Add check for clk_enable() (git-fixes). * counter: ti-ecap-capture: Add check for clk_enable() (git-fixes). * crypto: qat - disable IOV in adf_dev_stop() (git-fixes). * crypto: x86/sha256 - Add parentheses around macros' single arguments (stable-fixes). * cyrpto/b128ops: Remove struct u128 (bsc#1220773). * devlink: Fix length of eswitch inline-mode (git-fixes). * dma-buf: fix dma_fence_array_signaled v4 (stable-fixes).
* dma-debug: fix a possible deadlock on radix_lock (stable-fixes). * dmaengine: apple-admac: Avoid accessing registers in probe (git-fixes). * dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (git-fixes). * dmaengine: dw: Select only supported masters for ACPI devices (git-fixes). * dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357). * dmaengine: mv_xor: fix child node refcount handling in early exit (git-fixes). * dmaengine: tegra: Return correct DMA status when paused (git-fixes). * Documentation: PM: Clarify pm_runtime_resume_and_get() return value (git-fixes). * driver core: Add FWLINK_FLAG_IGNORE to completely ignore a fwnode link (stable-fixes). * driver core: fw_devlink: Improve logs for cycle detection (stable-fixes). * driver core: fw_devlink: Stop trying to optimize cycle detection logic (git-fixes). * Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes). * drivers: net: ionic: add missed debugfs cleanup to ionic_probe() error path (git-fixes). * drm: adv7511: Drop dsi single lane support (git-fixes). * drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes). * drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model (stable-fixes). * drm: panel-orientation-quirks: Add quirk for AYA NEO Founder edition (stable-fixes). * drm: panel-orientation-quirks: Add quirk for AYA NEO GEEK (stable-fixes). * drm: panel-orientation-quirks: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes). * drm/amd/display: Add HDR workaround for specific eDP (stable-fixes). * drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw (stable-fixes). * drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes). * drm/amd/display: Avoid overflow assignment in link_dp_cts (stable-fixes). * drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination (stable-fixes).
* drm/amd/display: Revert Avoid overflow assignment (stable-fixes). * drm/amd/display: Use gpuvm_min_page_size_kbytes for DML2 surfaces (stable-fixes). * drm/amd/pm: fix the high voltage issue after unload (stable-fixes). * drm/amd/pm: update current_socclk and current_uclk in gpu_metrics on smu v13.0.7 (stable-fixes). * drm/amdgpu: add raven1 gfxoff quirk (stable-fixes). * drm/amdgpu: add smu 14.0.1 discovery support (stable-fixes). * drm/amdgpu: Block MMR_READ IOCTL in reset (stable-fixes). * drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts for vega20_ih (stable-fixes). * drm/amdgpu: Dereference the ATCS ACPI buffer (stable-fixes). * drm/amdgpu: differentiate external rev id for gfx 11.5.0 (stable-fixes). * drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit (stable-fixes). * drm/amdgpu: do not access invalid sched (git-fixes). * drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes). * drm/amdgpu: fix unchecked return value warning for amdgpu_gfx (stable-fixes). * drm/amdgpu: fix usage slab after free (stable-fixes). * drm/amdgpu: prevent BO_HANDLES error from being overwritten (git-fixes). * drm/amdgpu: refine error handling in amdgpu_ttm_tt_pin_userptr (stable-fixes). * drm/amdgpu: set the right AMDGPU sg segment limitation (stable-fixes). * drm/amdgpu: skip amdgpu_device_cache_pci_state under sriov (stable-fixes). * drm/amdgpu/gfx10: use rlc safe mode for soft recovery (stable-fixes). * drm/amdgpu/gfx11: use rlc safe mode for soft recovery (stable-fixes). * drm/amdgpu/gfx9: properly handle error ints on all pipes (stable-fixes). * drm/amdgpu/gfx9: use rlc safe mode for soft recovery (stable-fixes). * drm/amdgpu/hdp5.2: do a posting read when flushing HDP (stable-fixes). * drm/amdgpu/pm: Remove gpu_od if it's an empty directory (stable-fixes). * drm/amdgpu/umsch: do not execute umsch test when GPU is in reset/suspend (stable-fixes). * drm/amdgpu/umsch: reinitialize write pointer in hw init (stable-fixes).
* drm/amdgpu/vcn: reset fw_shared when VCPU buffers corrupted on vcn v4.0.3 (stable-fixes). * drm/amdkfd: Fix resource leak in criu restore queue (stable-fixes). * drm/amdkfd: pause autosuspend when creating pdd (stable-fixes). * drm/amdkfd: Use device based logging for errors (stable-fixes). * drm/amdkfd: Use the correct wptr size (stable-fixes). * drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes). * drm/bridge: it6505: Enable module autoloading (stable-fixes). * drm/bridge: it6505: Fix inverted reset polarity (git-fixes). * drm/bridge: it6505: update usleep_range for RC circuit charge time (stable-fixes). * drm/display: Fix building with GCC 15 (stable-fixes). * drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes). * drm/dp_mst: Fix MST sideband message body length check (stable-fixes). * drm/dp_mst: Fix resetting msg rx state after topology removal (git-fixes). * drm/dp_mst: Verify request type in the corresponding down message reply (stable-fixes). * drm/etnaviv: flush shader L1 cache after user commandstream (stable-fixes). * drm/i915: Fix memory leak by correcting cache object name in error handler (git-fixes). * drm/i915: Fix NULL pointer dereference in capture_engine (git-fixes). * drm/i915/dg1: Fix power gate sequence (git-fixes). * drm/mcde: Enable module autoloading (stable-fixes). * drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() (stable-fixes). * drm/nouveau/gsp: Use the sg allocator for level 2 of radix3 (stable-fixes). * drm/panel: novatek-nt35950: fix return value check in nt35950_probe() (git-fixes). * drm/panel: simple: Add Microchip AC69T88A LVDS Display panel (stable-fixes). * drm/printer: Allow NULL data in devcoredump printer (stable-fixes). * drm/radeon: add helper rdev_to_drm(rdev) (stable-fixes). * drm/radeon: change rdev->ddev to rdev_to_drm(rdev) (stable-fixes). * drm/radeon: Fix spurious unplug event on radeon HDMI (git-fixes).
* drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() (stable-fixes).
* drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check() (stable-fixes).
* drm/sched: memset() 'job' in drm_sched_job_init() (stable-fixes).
* drm/vc4: hdmi: Avoid log spam for audio start failure (stable-fixes).
* drm/vc4: hvs: Set AXI panic modes for the HVS (stable-fixes).
* erofs: avoid debugging output for (de)compressed data (git-fixes).
* exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes).
* ext4: add a new helper to check if es must be kept (bsc#1234170).
* ext4: add correct group descriptors and reserved GDT blocks to system zone (bsc#1234164).
* ext4: add missed brelse in update_backups (bsc#1234171).
* ext4: allow for the last group to be marked as trimmed (bsc#1234278).
* ext4: avoid buffer_head leak in ext4_mark_inode_used() (bsc#1234191).
* ext4: avoid excessive credit estimate in ext4_tmpfile() (bsc#1234180).
* ext4: avoid negative min_clusters in find_group_orlov() (bsc#1234193).
* ext4: avoid overlapping preallocations due to overflow (bsc#1234162).
* ext4: avoid potential buffer_head leak in __ext4_new_inode() (bsc#1234192).
* ext4: avoid writing unitialized memory to disk in EA inodes (bsc#1234187).
* ext4: check the extent status again before inserting delalloc block (bsc#1234186).
* ext4: clear EXT4_GROUP_INFO_WAS_TRIMMED_BIT even mount with discard (bsc#1234190).
* ext4: convert to exclusive lock while inserting delalloc extents (bsc#1234178).
* ext4: correct best extent lstart adjustment logic (bsc#1234179).
* ext4: correct grp validation in ext4_mb_good_group (bsc#1234163).
* ext4: correct return value of ext4_convert_meta_bg (bsc#1234172).
* ext4: correct the hole length returned by ext4_map_blocks() (bsc#1234178).
* ext4: correct the start block of counting reserved clusters (bsc#1234169).
* ext4: do not let fstrim block system suspend (https://bugzilla.kernel.org/show_bug.cgi?id=216322 bsc#1234166).
* ext4: do not trim the group with corrupted block bitmap (bsc#1234177).
* ext4: factor out __es_alloc_extent() and __es_free_extent() (bsc#1234170).
* ext4: factor out a common helper to query extent map (bsc#1234186).
* ext4: fix inconsistent between segment fstrim and full fstrim (bsc#1234176).
* ext4: fix incorrect tid assumption in __jbd2_log_wait_for_space() (bsc#1234188).
* ext4: fix incorrect tid assumption in ext4_wait_for_tail_page_commit() (bsc#1234188).
* ext4: fix incorrect tid assumption in jbd2_journal_shrink_checkpoint_list() (bsc#1234188).
* ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} (bsc#1214954).
* ext4: fix potential unnitialized variable (bsc#1234183).
* ext4: fix race between writepages and remount (bsc#1234168).
* ext4: fix rec_len verify error (bsc#1234167).
* ext4: fix slab-use-after-free in ext4_es_insert_extent() (bsc#1234170).
* ext4: fix uninitialized variable in ext4_inlinedir_to_tree (bsc#1234185).
* ext4: forbid commit inconsistent quota data when errors=remount-ro (bsc#1234178).
* ext4: make ext4_es_insert_delayed_block() return void (bsc#1234170).
* ext4: make ext4_es_insert_extent() return void (bsc#1234170).
* ext4: make ext4_es_remove_extent() return void (bsc#1234170).
* ext4: make ext4_zeroout_es() return void (bsc#1234170).
* ext4: make sure allocate pending entry not fail (bsc#1234170).
* ext4: mark buffer new if it is unwritten to avoid stale data exposure (bsc#1234175).
* ext4: move 'ix' sanity check to corrent position (bsc#1234174).
* ext4: move setting of trimmed bit into ext4_try_to_trim_range() (bsc#1234165).
* ext4: nested locking for xattr inode (bsc#1234189).
* ext4: propagate errors from ext4_find_extent() in ext4_insert_range() (bsc#1234194).
* ext4: refactor ext4_da_map_blocks() (bsc#1234178).
* ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks (bsc#1234173).
* ext4: remove the redundant folio_wait_stable() (bsc#1234184).
* ext4: set the type of max_zeroout to unsigned int to avoid overflow (bsc#1234182).
* ext4: set type of ac_groups_linear_remaining to __u32 to avoid overflow (bsc#1234181).
* ext4: use pre-allocated es in __es_insert_extent() (bsc#1234170).
* ext4: use pre-allocated es in __es_remove_extent() (bsc#1234170).
* ext4: using nofail preallocation in ext4_es_insert_delayed_block() (bsc#1234170).
* ext4: using nofail preallocation in ext4_es_insert_extent() (bsc#1234170).
* ext4: using nofail preallocation in ext4_es_remove_extent() (bsc#1234170).
* filemap: add a per-mapping stable writes flag (bsc#1234141).
* filemap: Fix bounds checking in filemap_read() (bsc#1234209).
* firmware: arm_scmi: Reject clear channel request on A2P (stable-fixes).
* fs-writeback: do not requeue a clean inode having skipped pages (bsc#1234200).
* fs/writeback: bail out if there is no more inodes for IO and queued once (bsc#1234207).
* fsnotify: fix sending inotify event with unexpected filename (bsc#1234198).
* genirq/cpuhotplug: Retry with cpu_online_mask when migration fails (git-fixes).
* genirq/cpuhotplug: Skip suspended interrupts when restoring affinity (git-fixes).
* genirq/irqdesc: Honor caller provided affinity in alloc_desc() (git-fixes).
* gpio: grgpio: Add NULL check in grgpio_probe (git-fixes).
* gpio: grgpio: use a helper variable to store the address of ofdev->dev (stable-fixes).
* hfsplus: do not query the device logical block size multiple times (git-fixes).
* HID: magicmouse: Apple Magic Trackpad 2 USB-C driver support (stable-fixes).
* hvc/xen: fix console unplug (git-fixes).
* hvc/xen: fix error path in xen_hvc_init() to always register frontend driver (git-fixes).
* hvc/xen: fix event channel handling for secondary consoles (git-fixes).
* hwmon: (nct6775) Add 665-ACE/600M-CL to ASUS WMI monitoring list (stable-fixes).
* hwmon: (pmbus_core) Allow to hook PMBUS_SMBALERT_MASK (stable-fixes).
* hwmon: (pmbus/core) clear faults after setting smbalert mask (git-fixes).
* hwmon: (tmp513) Do not use "proxy" headers (stable-fixes).
* hwmon: (tmp513) Fix Current Register value interpretation (git-fixes).
* hwmon: (tmp513) Fix interpretation of values of Shunt Voltage and Limit Registers (git-fixes).
* hwmon: (tmp513) Fix interpretation of values of Temperature Result and Limit Registers (git-fixes).
* hwmon: (tmp513) Simplify with dev_err_probe() (stable-fixes).
* hwmon: (tmp513) Use SI constants from units.h (stable-fixes).
* i2c: imx: add imx7d compatible string for applying erratum ERR007805 (git-fixes).
* i2c: microchip-core: actually use repeated sends (git-fixes).
* i2c: microchip-core: fix "ghost" detections (git-fixes).
* i2c: pnx: Fix timeout in wait functions (git-fixes).
* i2c: riic: Always round-up when calculating bus period (git-fixes).
* i40e: Fix handling changed priv flags (git-fixes).
* i915/guc: Accumulate active runtime on gt reset (git-fixes).
* i915/guc: Ensure busyness counter increases motonically (git-fixes).
* i915/guc: Reset engine utilization buffer before registration (git-fixes).
* ice: change q_index variable type to s16 to store -1 value (git-fixes).
* ice: consistently use q_idx in ice_vc_cfg_qs_msg() (git-fixes).
* ice: fix PHY Clock Recovery availability check (git-fixes).
* ice: Unbind the workqueue (bsc#1234989)
* idpf: add support for SW triggered interrupts (bsc#1235507).
* idpf: enable WB_ON_ITR (bsc#1235507).
* idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507).
* igb: Fix potential invalid memory access in igb_init_module() (git-fixes).
* iio: magnetometer: yas530: use signed integer type for clamp limits (git-fixes).
* instrumentation: Wire up cmpxchg128() (bsc#1220773).
* io_uring: always lock __io_cqring_overflow_flush (git-fixes).
* io_uring: check if iowq is killed before queuing (git-fixes).
* io_uring: Fix registered ring file refcount leak (git-fixes).
* io_uring/rw: avoid punting to io-wq directly (git-fixes).
* io_uring/tctx: work around xa_store() allocation error issue (git-fixes).
* iommu/io-pgtable-arm: Fix stage-2 map/unmap for concatenated tables (git-fixes).
* irqflags: Explicitly ignore lockdep_hrtimer_exit() argument (git-fixes).
* isofs: handle CDs with bad root inode but good Joliet root directory (bsc#1234199).
* ixgbe: downgrade logging of unsupported VF API version to debug (git-fixes).
* ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (git-fixes).
* jffs2: Fix rtime decompressor (git-fixes).
* jffs2: fix use of uninitialized variable (git-fixes).
* jffs2: Prevent rtime decompress memory corruption (git-fixes).
* jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes).
* jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes).
* jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes).
* jfs: fix shift-out-of-bounds in dbSplit (git-fixes).
* jfs: xattr: check invalid xattr size more strictly (git-fixes).
* kasan: make report_lock a raw spinlock (git-fixes).
* kdb: address -Wformat-security warnings (bsc#1234659).
* kdb: Fix buffer overflow during tab-complete (bsc#1234652).
* kdb: Fix console handling when editing and tab-completing commands (bsc#1234655).
* kdb: Merge identical case statements in kdb_read() (bsc#1234657).
* kdb: Use format-specifiers rather than memset() for padding in kdb_read() (bsc#1234658).
* kdb: Use format-strings rather than '\0' injection in kdb_read() (bsc#1234654).
* kdb: Use the passed prompt in kdb_position_cursor() (bsc#1234654).
* kgdb: Flush console before entering kgdb on panic (bsc#1234651).
* leds: class: Protect brightness_show() with led_cdev->led_access mutex (stable-fixes).
* linux/dmaengine.h: fix a few kernel-doc warnings (git-fixes).
* locking/atomic/x86: Correct the definition of __arch_try_cmpxchg128() (bsc#1220773 git-fix).
* loop: fix the the direct I/O support check when used on top of block devices (bsc#1234143).
* mac80211: fix user-power when emulating chanctx (stable-fixes).
* media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108 (stable-fixes).
* media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (git-fixes).
* media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera (stable-fixes).
* media: uvcvideo: RealSense D421 Depth module metadata (stable-fixes).
* mfd: da9052-spi: Change read-mask to write-mask (git-fixes).
* mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices (git-fixes).
* mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device (git-fixes).
* mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device (git-fixes).
* mm/filemap: avoid buffered read/write race to read inconsistent data (bsc#1234204).
* mm/readahead: do not allow order-1 folio (bsc#1234205).
* mm/readahead: limit page cache size in page_cache_ra_order() (bsc#1234208).
* mmc: core: Add SD card quirk for broken poweroff notification (stable-fixes).
* mmc: mtk-sd: fix devm_clk_get_optional usage (stable-fixes).
* mmc: mtk-sd: Fix MMC_CAP2_CRYPTO flag setting (git-fixes).
* mmc: sdhci-esdhc-imx: enable quirks SDHCI_QUIRK_NO_LED (stable-fixes).
* mmc: sdhci-pci: Add DMI quirk for missing CD GPIO on Vexia Edu Atla 10 tablet (stable-fixes).
* mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (git-fixes).
* mtd: diskonchip: Cast an operand to prevent potential overflow (git-fixes).
* mtd: hyperbus: rpc-if: Add missing MODULE_DEVICE_TABLE (git-fixes).
* mtd: hyperbus: rpc-if: Convert to platform remove callback returning void (stable-fixes).
* mtd: rawnand: arasan: Fix double assertion of chip-select (git-fixes).
* mtd: rawnand: arasan: Fix missing de-registration of NAND (git-fixes).
* mtd: rawnand: fix double free in atmel_pmecc_create_user() (git-fixes).
* net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (git-fixes).
* net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246).
* net: Return error from sk_stream_wait_connect() if sk_wait_event() fails (git-fixes).
* net: usb: qmi_wwan: add Quectel RG650V (stable-fixes).
* net/ipv6: release expired exception dst cached in socket (bsc#1216813).
* net/mlx5e: clear xdp features on non-uplink representors (git-fixes).
* net/mlx5e: CT: Fix null-ptr-deref in add rule err flow (git-fixes).
* net/mlx5e: Remove workaround to avoid syndrome for internal port (git-fixes).
* net/qed: allow old cards not supporting "num_images" to work (git-fixes).
* nfs: ignore SB_RDONLY when mounting nfs (git-fixes).
* NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes).
* NFSD: Async COPY result needs to return a write verifier (git-fixes).
* NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir() (git-fixes).
* nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (git-fixes).
* NFSD: Fix nfsd4_shutdown_copy() (git-fixes).
* NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point (git-fixes).
* nfsd: make sure exp active before svc_export_show (git-fixes).
* NFSD: Prevent a potential integer overflow (git-fixes).
* NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes).
* nfsd: release svc_expkey/svc_export with rcu_work (git-fixes).
* NFSD: Remove a never-true comparison (git-fixes).
* nfsd: restore callback functionality for NFSv4.0 (git-fixes).
* NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes).
* nilfs2: fix buffer head leaks in calls to truncate_inode_pages() (git-fixes).
* nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes).
* nilfs2: prevent use of deleted inode (git-fixes).
* nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes).
* nvme-rdma: unquiesce admin_q before destroy it (git-fixes).
* nvme-tcp: fix the memleak while create new ctrl failed (git-fixes).
* nvme: apple: fix device reference counting (git-fixes).
* nvme: fix metadata handling in nvme-passthrough (git-fixes).
* nvme/multipath: Fix RCU list traversal to use SRCU primitive (git-fixes).
* nvmet-loop: avoid using mutex in IO hotpath (git-fixes).
* ocfs2: fix uninitialized value in ocfs2_file_read_iter() (git-fixes).
* ocfs2: free inode when ocfs2_get_init_inode() fails (git-fixes).
* Octeontx2-pf: Free send queue buffers incase of leaf to inner (git-fixes).
* of: address: Report error on resource bounds overflow (stable-fixes).
* of: Fix error path in of_parse_phandle_with_args_map() (git-fixes).
* of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (git-fixes).
* of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() (git-fixes).
* parisc: Raise minimal GCC version (bsc#1220773).
* parisc: Raise minimal GCC version to 12.0.0 (bsc#1220773 git-fix).
* PCI: Add 'reset_subordinate' to reset hierarchy below bridge (stable-fixes).
* PCI: Add ACS quirk for Broadcom BCM5760X NIC (stable-fixes).
* PCI: Add ACS quirk for Wangxun FF5xxx NICs (stable-fixes).
* PCI: Add T_PERST_CLK_US macro (git-fixes).
* PCI: cadence: Extract link setup sequence from cdns_pcie_host_setup() (stable-fixes).
* PCI: cadence: Set cdns_pcie_host_init() global (stable-fixes).
* PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads (stable-fixes).
* PCI: Detect and trust built-in Thunderbolt chips (stable-fixes).
* PCI: Fix use-after-free of slot->bus on hot remove (stable-fixes).
* PCI: j721e: Add PCIe 4x lane selection support (stable-fixes).
* PCI: j721e: Add per platform maximum lane settings (stable-fixes).
* PCI: j721e: Add reset GPIO to struct j721e_pcie (stable-fixes).
* PCI: j721e: Add suspend and resume support (git-fixes).
* PCI: j721e: Use T_PERST_CLK_US macro (git-fixes).
* PCI: qcom: Add support for IPQ9574 (stable-fixes).
* PCI: Use preserve_config in place of pci_flags (stable-fixes).
* PCI: vmd: Add DID 8086:B06F and 8086:B60B for Intel client SKUs (stable-fixes).
* PCI: vmd: Set devices to D0 before enabling PM L1 Substates (stable-fixes).
* PCI/AER: Disable AER service on suspend (stable-fixes).
* PCI/MSI: Handle lack of irqdomain gracefully (git-fixes).
* percpu: Add {raw,this}_cpu_try_cmpxchg() (bsc#1220773).
* percpu: Fix self-assignment of __old in raw_cpu_generic_try_cmpxchg() (bsc#1220773 git-fix).
* percpu: Wire up cmpxchg128 (bsc#1220773).
* phy: core: Fix an OF node refcount leakage in _of_phy_get() (git-fixes).
* phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (git-fixes).
* phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (git-fixes).
* phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (git-fixes).
* phy: core: Fix that API devm_phy_put() fails to release the phy (git-fixes).
* phy: qcom-qmp: Fix register name in RX Lane config of SC8280XP (git-fixes).
* phy: rockchip: naneng-combphy: fix phy reset (git-fixes).
* phy: usb: Toggle the PHY power during init (git-fixes).
* pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes).
* pinctrl: qcom-pmic-gpio: add support for PM8937 (stable-fixes).
* pinctrl: qcom: spmi-mpp: Add PM8937 compatible (stable-fixes).
* pinmux: Use sequential access to access desc->pinmux data (stable-fixes).
* platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
* platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes).
* platform/x86: dell-smbios-base: Extends support to Alienware products (stable-fixes).
* platform/x86: dell-wmi-base: Handle META key Lock/Unlock events (stable-fixes).
* platform/x86: thinkpad_acpi: Fix for ThinkPad's with ECFW showing incorrect fan speed (stable-fixes).
* power: supply: gpio-charger: Fix set charge current limits (git-fixes).
* powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108).
* proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes).
* quota: explicitly forbid quota files from being encrypted (bsc#1234196).
* quota: Fix rcu annotations of inode dquot pointers (bsc#1234197).
* quota: flush quota_release_work upon quota writeback (bsc#1234195).
* quota: simplify drop_dquot_ref() (bsc#1234197).
* RAS/AMD/ATL: Translate normalized to system physical addresses using PRM (jsc#PED-10467).
* RDMA/bnxt_re: Add check for path mtu in modify_qp (git-fixes)
* RDMA/bnxt_re: Avoid initializing the software queue for user queues (git-fixes)
* RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (git-fixes)
* RDMA/bnxt_re: Disable use of reserved wqes (git-fixes)
* RDMA/bnxt_re: Fix max_qp_wrs reported (git-fixes)
* RDMA/bnxt_re: Fix reporting hw_ver in query_device (git-fixes)
* RDMA/bnxt_re: Fix the check for 9060 condition (git-fixes)
* RDMA/bnxt_re: Fix the locking while accessing the QP table (git-fixes)
* RDMA/bnxt_re: Remove always true dattr validity check (git-fixes)
* RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
* RDMA/hns: Fix accessing invalid dip_ctx during destroying QP (git-fixes)
* RDMA/hns: Fix mapping error of zero-hop WQE buffer (git-fixes)
* RDMA/hns: Fix missing flush CQE for DWQE (git-fixes)
* RDMA/hns: Fix warning storm caused by invalid input in IO path (git-fixes)
* RDMA/mlx5: Enforce same type port association for multiport RoCE (git-fixes)
* RDMA/rtrs: Ensure 'ib_sge list' is accessible (git-fixes)
* RDMA/uverbs: Prevent integer overflow issue (git-fixes)
* readahead: use ilog2 instead of a while loop in page_cache_ra_order() (bsc#1234208).
* regmap: Use correct format specifier for logging range errors (stable-fixes).
* regulator: rk808: Add apply_bit for BUCK3 on RK809 (stable-fixes).
* rtc: cmos: avoid taking rtc_lock for extended period of time (stable-fixes).
* s390/cio: Do not unregister the subchannel based on DNV (git-fixes).
* s390/cpum_sf: Convert to cmpxchg128() (bsc#1220773).
* s390/cpum_sf: Handle CPU hotplug remove during sampling (git-fixes).
* s390/cpum_sf: Remove WARN_ON_ONCE statements (git-fixes).
* s390/facility: Disable compile time optimization for decompressor code (git-fixes).
* s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (git-fixes).
* s390/pageattr: Implement missing kernel_page_present() (git-fixes).
* scatterlist: fix incorrect func name in kernel-doc (git-fixes).
* sched/numa: fix memory leak due to the overwritten vma->numab_state (git fixes (sched/numa)).
* scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409).
* scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409).
* scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409).
* scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409).
* scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409).
* scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409).
* scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409).
* scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409).
* scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409).
* scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409).
* scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406).
* scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406).
* scsi: qla2xxx: Fix use after free on unload (bsc#1235406).
* scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406).
* scsi: qla2xxx: Remove the unused 'del_list_entry' field in struct fc_port (bsc#1235406).
* scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406).
* scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406).
* scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes).
* selftests/bpf: Test PROBE_MEM of VSYSCALL_ADDR on x86-64 (git-fixes).
* serial: 8250_dw: Add Sophgo SG2044 quirk (stable-fixes).
* serial: 8250_dw: Do not use struct dw8250_data outside of 8250_dw (git-fixes).
* serial: 8250_dw: Replace ACPI device check by a quirk (git-fixes).
* serial: 8250_fintek: Add support for F81216E (stable-fixes).
* serial: amba-pl011: fix build regression (git-fixes).
* serial: amba-pl011: Fix RX stall when DMA is used (git-fixes).
* serial: amba-pl011: Use port lock wrappers (stable-fixes).
* serial: Do not hold the port lock when setting rx-during-tx GPIO (git-fixes).
* serial: do not use uninitialized value in uart_poll_init() (git-fixes).
* serial: imx: only set receiver level if it is zero (git-fixes).
* serial: imx: set receiver level before starting uart (git-fixes).
* serial: qcom-geni: disable interrupts during console writes (git-fixes).
* serial: qcom-geni: Do not cancel/abort if we can't get the port lock (git-fixes).
* serial: qcom-geni: fix arg types for qcom_geni_serial_poll_bit() (git-fixes).
* serial: qcom-geni: fix console corruption (git-fixes).
* serial: qcom-geni: fix dma rx cancellation (git-fixes).
* serial: qcom-geni: fix false console tx restart (git-fixes).
* serial: qcom-geni: fix fifo polling timeout (git-fixes).
* serial: qcom-geni: fix hard lockup on buffer flush (git-fixes).
* serial: qcom-geni: fix polled console corruption (git-fixes).
* serial: qcom-geni: fix polled console initialisation (git-fixes).
* serial: qcom-geni: fix receiver enable (git-fixes).
* serial: qcom-geni: fix shutdown race (git-fixes).
* serial: qcom-geni: fix soft lockup on sw flow control and suspend (git-fixes).
* serial: qcom-geni: introduce qcom_geni_serial_poll_bitfield() (git-fixes).
* serial: qcom-geni: revert broken hibernation support (git-fixes).
* serial: stm32: do not always set SER_RS485_RX_DURING_TX if RS485 is enabled (git-fixes).
* serial: stm32: Return IRQ_NONE in the ISR if no handling happend (git-fixes).
* slub: Replace cmpxchg_double() - KABI fix (bsc#1220773).
* slub: Replace cmpxchg_double() (bsc#1220773).
* smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: fix issue described in bsc#1233642]
* soc: fsl: cpm1: qmc: Fix blank line and spaces (stable-fixes).
* soc: fsl: cpm1: qmc: Introduce qmc_{init,exit}_xcc() and their CPM1 version (stable-fixes).
* soc: fsl: cpm1: qmc: Introduce qmc_init_resource() and its CPM1 version (stable-fixes).
* soc: fsl: cpm1: qmc: Re-order probe() operations (stable-fixes).
* soc: fsl: cpm1: qmc: Set the ret error code on platform_get_irq() failure (git-fixes).
* soc: imx8m: Probe the SoC driver as platform driver (stable-fixes).
* soc: qcom: Add check devm_kasprintf() returned value (stable-fixes).
* soc: qcom: geni-se: add GP_LENGTH/IRQ_EN_SET/IRQ_EN_CLEAR registers (git-fixes).
* soc: qcom: geni-se: Add M_TX_FIFO_NOT_EMPTY bit definition (git-fixes).
* soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() (git-fixes).
* soc/fsl: cpm: qmc: Convert to platform remove callback returning void (stable-fixes).
* spi: aspeed: Fix an error handling path in aspeed_spi_[read|write]_user() (git-fixes).
* sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (git-fixes).
* sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (git-fixes).
* sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() (git-fixes).
* SUNRPC: make sure cache entry active before cache_show (git-fixes).
* SUNRPC: timeout and cancel TLS handshake with -ETIMEDOUT (git-fixes).
* svcrdma: Address an integer overflow (git-fixes).
* svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes).
* swiotlb: Enforce page alignment in swiotlb_alloc() (git-fixes).
* swiotlb: Reinstate page-alignment for mappings >= PAGE_SIZE (git-fixes).
* thermal/drivers/qcom/tsens-v1: Add support for MSM8937 tsens (stable-fixes).
* tools: hv: change permissions of NetworkManager configuration file (git-fixes).
* tpm_tis_spi: Release chip select when flow control fails (bsc#1234338)
* tpm/eventlog: Limit memory allocations for event logs with excessive size (bsc#1233260 bsc#1233259 bsc#1232421).
* tty: serial: kgdboc: Fix 8250_* kgdb over serial (git-fixes).
* types: Introduce [us]128 (bsc#1220773).
* ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes).
* ubifs: Correct the total block count by deducting journal reservation (git-fixes).
* udf: Fix lock ordering in udf_evict_inode() (bsc#1234238).
* udf: fix uninit-value use in udf_get_fileshortad (bsc#1234243).
* udf: prevent integer overflow in udf_bitmap_free_blocks() (bsc#1234239).
* udf: refactor inode_bmap() to handle error (bsc#1234242).
* udf: refactor udf_current_aext() to handle error (bsc#1234240).
* udf: refactor udf_next_aext() to handle error (bsc#1234241).
* udf: udftime: prevent overflow in udf_disk_stamp_to_time() (bsc#1234237).
* usb: add support for new USB device ID 0x17EF:0x3098 for the r8152 driver (stable-fixes).
* usb: cdns3-ti: Add workaround for Errata i2409 (stable-fixes).
* usb: cdns3: Add quirk flag to enable suspend residency (stable-fixes).
* usb: chipidea: udc: handle USB Error Interrupt if IOC not set (stable-fixes).
* usb: dwc2: Fix HCD port connection race (git-fixes).
* usb: dwc2: Fix HCD resume (git-fixes).
* usb: dwc2: gadget: Do not write invalid mapped sg entries into dma_desc with iommu enabled (stable-fixes).
* usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature (git-fixes).
* usb: dwc3: ep0: Do not clear ep0 DWC3_EP_TRANSFER_STARTED (git-fixes).
* usb: dwc3: ep0: Do not reset resource alloc flag (git-fixes).
* usb: dwc3: ep0: Do not reset resource alloc flag (including ep0) (git-fixes).
* usb: dwc3: gadget: Rewrite endpoint allocation flow (stable-fixes).
* usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode (git-fixes).
* usb: ehci-hcd: fix call balance of clocks handling routines (git-fixes).
* usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer (git-fixes).
* usb: host: max3421-hcd: Correctly abort a USB request (git-fixes).
* USB: serial: option: add MediaTek T7XX compositions (stable-fixes).
* USB: serial: option: add MeiG Smart SLM770A (stable-fixes).
* USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (stable-fixes).
* USB: serial: option: add TCL IK512 MBIM & ECM (stable-fixes).
* USB: serial: option: add Telit FE910C04 rmnet compositions (stable-fixes).
* usb: typec: anx7411: fix fwnode_handle reference leak (git-fixes).
* usb: typec: anx7411: fix OF node reference leaks in anx7411_typec_switch_probe() (git-fixes).
* usb: typec: use cleanup facility for 'altmodes_node' (stable-fixes).
* vdpa: solidrun: Fix UB bug with devres (git-fixes).
* vDPA/ifcvf: Fix pci_read_config_byte() return code handling (git-fixes).
* vdpa/mlx5: Fix PA offset with unaligned starting iotlb map (git-fixes).
* vdpa/mlx5: Fix suboptimal range on iotlb iteration (git-fixes).
* vfs: fix readahead(2) on block devices (bsc#1234201).
* wifi: ath5k: add PCI ID for Arcadyan devices (git-fixes).
* wifi: ath5k: add PCI ID for SX76X (git-fixes).
* wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (stable-fixes).
* wifi: cfg80211: sme: init n_channels before channels[] access (git-fixes).
* wifi: cw1200: Fix potential NULL dereference (git-fixes).
* wifi: ipw2x00: libipw_rx_any(): fix bad alignment (stable-fixes).
* wifi: iwlwifi: mvm: Use the sync timepoint API in suspend (stable-fixes).
* wifi: mac80211: clean up 'ret' in sta_link_apply_parameters() (stable-fixes).
* wifi: mac80211: fix station NSS capability initialization order (git-fixes).
* wifi: mac80211: init cnt before accessing elem in ieee80211_copy_mbssid_beacon (git-fixes).
* wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one (git-fixes).
* wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures (stable-fixes).
* wifi: rtw89: check return value of ieee80211_probereq_get() for RNR (stable-fixes).
* workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416).
* writeback, cgroup: switch inodes with dirty timestamps to release dying cgwbs (bsc#1234203).
* x86,amd_iommu: Replace cmpxchg_double() (bsc#1220773).
* x86,intel_iommu: Replace cmpxchg_double() (bsc#1220773).
* x86/hyperv: Fix hv tsc page based sched_clock for hibernation (git-fixes).
* xfs: do not allocate COW extents when unsharing a hole (git-fixes).
* xfs: fix sb_spino_align checks for large fsblock sizes (git-fixes).
* xfs: remove unknown compat feature check in superblock write validation (git-fixes).
* xfs: return from xfs_symlink_verify early on V4 filesystems (git-fixes).
* xfs: sb_spino_align is not verified (git-fixes).
* xhci: Add usb cold attach (CAS) as a reason to resume root hub (git-fixes).
* xhci: Allow RPM on the USB controller (1022:43f7) by default (stable-fixes).
* xhci: fix possible null pointer deref during xhci urb enqueue (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-117=1 openSUSE-SLE-15.6-2025-117=1
* Public Cloud Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-117=1

## Package List:

* openSUSE Leap 15.6 (aarch64 x86_64)
  * kernel-azure-extra-debuginfo-6.4.0-150600.8.23.1
  * cluster-md-kmp-azure-debuginfo-6.4.0-150600.8.23.1
  * ocfs2-kmp-azure-6.4.0-150600.8.23.1
  * kselftests-kmp-azure-6.4.0-150600.8.23.1
  * dlm-kmp-azure-debuginfo-6.4.0-150600.8.23.1
  * kernel-azure-optional-6.4.0-150600.8.23.1
  * reiserfs-kmp-azure-6.4.0-150600.8.23.1
  * cluster-md-kmp-azure-6.4.0-150600.8.23.1
  * reiserfs-kmp-azure-debuginfo-6.4.0-150600.8.23.1
  * kernel-azure-devel-debuginfo-6.4.0-150600.8.23.1
  * kernel-azure-optional-debuginfo-6.4.0-150600.8.23.1
  * gfs2-kmp-azure-debuginfo-6.4.0-150600.8.23.1
  * kernel-azure-debugsource-6.4.0-150600.8.23.1
  * kernel-azure-devel-6.4.0-150600.8.23.1
  * kselftests-kmp-azure-debuginfo-6.4.0-150600.8.23.1
  * dlm-kmp-azure-6.4.0-150600.8.23.1
  * kernel-azure-extra-6.4.0-150600.8.23.1
  * kernel-syms-azure-6.4.0-150600.8.23.1
  * ocfs2-kmp-azure-debuginfo-6.4.0-150600.8.23.1
  * kernel-azure-debuginfo-6.4.0-150600.8.23.1
  * gfs2-kmp-azure-6.4.0-150600.8.23.1
* openSUSE Leap 15.6 (aarch64 nosrc x86_64)
  * kernel-azure-6.4.0-150600.8.23.1
* openSUSE Leap 15.6 (x86_64)
  * kernel-azure-vdso-6.4.0-150600.8.23.1
  * kernel-azure-vdso-debuginfo-6.4.0-150600.8.23.1
* openSUSE Leap 15.6 (noarch)
  * kernel-source-azure-6.4.0-150600.8.23.1
  * kernel-devel-azure-6.4.0-150600.8.23.1
* Public Cloud Module 15-SP6 (aarch64 nosrc x86_64)
  * kernel-azure-6.4.0-150600.8.23.1
* Public Cloud Module 15-SP6 (aarch64 x86_64)
  * kernel-azure-devel-debuginfo-6.4.0-150600.8.23.1
  * kernel-syms-azure-6.4.0-150600.8.23.1
  * kernel-azure-debugsource-6.4.0-150600.8.23.1
  * kernel-azure-debuginfo-6.4.0-150600.8.23.1
  * kernel-azure-devel-6.4.0-150600.8.23.1
* Public Cloud Module 15-SP6 (noarch)
  * kernel-source-azure-6.4.0-150600.8.23.1
  * kernel-devel-azure-6.4.0-150600.8.23.1

## References:

* https://www.suse.com/security/cve/CVE-2024-26924.html
* https://www.suse.com/security/cve/CVE-2024-27397.html
* https://www.suse.com/security/cve/CVE-2024-35839.html
* https://www.suse.com/security/cve/CVE-2024-36908.html
* https://www.suse.com/security/cve/CVE-2024-36915.html
* https://www.suse.com/security/cve/CVE-2024-39480.html
* https://www.suse.com/security/cve/CVE-2024-41042.html
* https://www.suse.com/security/cve/CVE-2024-44934.html
* https://www.suse.com/security/cve/CVE-2024-44996.html
* https://www.suse.com/security/cve/CVE-2024-47678.html
* https://www.suse.com/security/cve/CVE-2024-49854.html
* https://www.suse.com/security/cve/CVE-2024-49884.html
* https://www.suse.com/security/cve/CVE-2024-49915.html
* https://www.suse.com/security/cve/CVE-2024-50016.html
* https://www.suse.com/security/cve/CVE-2024-50018.html
* https://www.suse.com/security/cve/CVE-2024-50039.html
* https://www.suse.com/security/cve/CVE-2024-50047.html
* https://www.suse.com/security/cve/CVE-2024-50143.html
* https://www.suse.com/security/cve/CVE-2024-50154.html
* https://www.suse.com/security/cve/CVE-2024-50202.html
* https://www.suse.com/security/cve/CVE-2024-50203.html
* https://www.suse.com/security/cve/CVE-2024-50211.html
* https://www.suse.com/security/cve/CVE-2024-50228.html
* https://www.suse.com/security/cve/CVE-2024-50256.html
* https://www.suse.com/security/cve/CVE-2024-50262.html
* https://www.suse.com/security/cve/CVE-2024-50272.html
* https://www.suse.com/security/cve/CVE-2024-50278.html
* https://www.suse.com/security/cve/CVE-2024-50279.html
* https://www.suse.com/security/cve/CVE-2024-50280.html
* https://www.suse.com/security/cve/CVE-2024-53050.html
* https://www.suse.com/security/cve/CVE-2024-53064.html
* https://www.suse.com/security/cve/CVE-2024-53090.html
* https://www.suse.com/security/cve/CVE-2024-53099.html
* https://www.suse.com/security/cve/CVE-2024-53103.html
* https://www.suse.com/security/cve/CVE-2024-53105.html
* https://www.suse.com/security/cve/CVE-2024-53111.html
* https://www.suse.com/security/cve/CVE-2024-53113.html
* https://www.suse.com/security/cve/CVE-2024-53117.html
* https://www.suse.com/security/cve/CVE-2024-53118.html
* https://www.suse.com/security/cve/CVE-2024-53119.html
* https://www.suse.com/security/cve/CVE-2024-53120.html
* https://www.suse.com/security/cve/CVE-2024-53122.html
* https://www.suse.com/security/cve/CVE-2024-53125.html
* https://www.suse.com/security/cve/CVE-2024-53126.html
* https://www.suse.com/security/cve/CVE-2024-53127.html
* https://www.suse.com/security/cve/CVE-2024-53129.html
* https://www.suse.com/security/cve/CVE-2024-53130.html
* https://www.suse.com/security/cve/CVE-2024-53131.html
* https://www.suse.com/security/cve/CVE-2024-53133.html
* https://www.suse.com/security/cve/CVE-2024-53134.html
* https://www.suse.com/security/cve/CVE-2024-53136.html
* https://www.suse.com/security/cve/CVE-2024-53141.html
* https://www.suse.com/security/cve/CVE-2024-53142.html
* https://www.suse.com/security/cve/CVE-2024-53144.html
* https://www.suse.com/security/cve/CVE-2024-53146.html
* https://www.suse.com/security/cve/CVE-2024-53148.html
* https://www.suse.com/security/cve/CVE-2024-53150.html
* https://www.suse.com/security/cve/CVE-2024-53151.html
* https://www.suse.com/security/cve/CVE-2024-53154.html
* https://www.suse.com/security/cve/CVE-2024-53155.html
* https://www.suse.com/security/cve/CVE-2024-53156.html
* https://www.suse.com/security/cve/CVE-2024-53157.html
* https://www.suse.com/security/cve/CVE-2024-53158.html
* https://www.suse.com/security/cve/CVE-2024-53159.html
* https://www.suse.com/security/cve/CVE-2024-53160.html
* https://www.suse.com/security/cve/CVE-2024-53161.html
* https://www.suse.com/security/cve/CVE-2024-53162.html
* https://www.suse.com/security/cve/CVE-2024-53166.html
* https://www.suse.com/security/cve/CVE-2024-53169.html
*
https://www.suse.com/security/cve/CVE-2024-53171.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53174.html * https://www.suse.com/security/cve/CVE-2024-53179.html * https://www.suse.com/security/cve/CVE-2024-53180.html * https://www.suse.com/security/cve/CVE-2024-53188.html * https://www.suse.com/security/cve/CVE-2024-53190.html * https://www.suse.com/security/cve/CVE-2024-53191.html * https://www.suse.com/security/cve/CVE-2024-53200.html * https://www.suse.com/security/cve/CVE-2024-53201.html * https://www.suse.com/security/cve/CVE-2024-53202.html * https://www.suse.com/security/cve/CVE-2024-53206.html * https://www.suse.com/security/cve/CVE-2024-53207.html * https://www.suse.com/security/cve/CVE-2024-53208.html * https://www.suse.com/security/cve/CVE-2024-53209.html * https://www.suse.com/security/cve/CVE-2024-53210.html * https://www.suse.com/security/cve/CVE-2024-53213.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-53215.html * https://www.suse.com/security/cve/CVE-2024-53216.html * https://www.suse.com/security/cve/CVE-2024-53217.html * https://www.suse.com/security/cve/CVE-2024-53222.html * https://www.suse.com/security/cve/CVE-2024-53224.html * https://www.suse.com/security/cve/CVE-2024-53229.html * https://www.suse.com/security/cve/CVE-2024-53234.html * https://www.suse.com/security/cve/CVE-2024-53237.html * https://www.suse.com/security/cve/CVE-2024-53240.html * https://www.suse.com/security/cve/CVE-2024-53241.html * https://www.suse.com/security/cve/CVE-2024-56536.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56549.html * https://www.suse.com/security/cve/CVE-2024-56551.html * https://www.suse.com/security/cve/CVE-2024-56562.html * https://www.suse.com/security/cve/CVE-2024-56566.html * https://www.suse.com/security/cve/CVE-2024-56567.html * 
https://www.suse.com/security/cve/CVE-2024-56576.html * https://www.suse.com/security/cve/CVE-2024-56582.html * https://www.suse.com/security/cve/CVE-2024-56599.html * https://www.suse.com/security/cve/CVE-2024-56604.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56645.html * https://www.suse.com/security/cve/CVE-2024-56667.html * https://www.suse.com/security/cve/CVE-2024-56752.html * https://www.suse.com/security/cve/CVE-2024-56754.html * https://www.suse.com/security/cve/CVE-2024-56755.html * https://www.suse.com/security/cve/CVE-2024-56756.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1214954 * https://bugzilla.suse.com/show_bug.cgi?id=1216813 * https://bugzilla.suse.com/show_bug.cgi?id=1220773 * https://bugzilla.suse.com/show_bug.cgi?id=1224095 * https://bugzilla.suse.com/show_bug.cgi?id=1224726 * https://bugzilla.suse.com/show_bug.cgi?id=1225743 * https://bugzilla.suse.com/show_bug.cgi?id=1225758 * https://bugzilla.suse.com/show_bug.cgi?id=1225820 * https://bugzilla.suse.com/show_bug.cgi?id=1227445 * https://bugzilla.suse.com/show_bug.cgi?id=1228526 * https://bugzilla.suse.com/show_bug.cgi?id=1229809 * https://bugzilla.suse.com/show_bug.cgi?id=1230205 * https://bugzilla.suse.com/show_bug.cgi?id=1230413 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1231854 * https://bugzilla.suse.com/show_bug.cgi?id=1231909 * https://bugzilla.suse.com/show_bug.cgi?id=1231963 * https://bugzilla.suse.com/show_bug.cgi?id=1232193 * https://bugzilla.suse.com/show_bug.cgi?id=1232198 * https://bugzilla.suse.com/show_bug.cgi?id=1232201 * https://bugzilla.suse.com/show_bug.cgi?id=1232418 * https://bugzilla.suse.com/show_bug.cgi?id=1232419 * https://bugzilla.suse.com/show_bug.cgi?id=1232420 * https://bugzilla.suse.com/show_bug.cgi?id=1232421 * https://bugzilla.suse.com/show_bug.cgi?id=1232436 * 
https://bugzilla.suse.com/show_bug.cgi?id=1233038 * https://bugzilla.suse.com/show_bug.cgi?id=1233070 * https://bugzilla.suse.com/show_bug.cgi?id=1233096 * https://bugzilla.suse.com/show_bug.cgi?id=1233200 * https://bugzilla.suse.com/show_bug.cgi?id=1233204 * https://bugzilla.suse.com/show_bug.cgi?id=1233239 * https://bugzilla.suse.com/show_bug.cgi?id=1233259 * https://bugzilla.suse.com/show_bug.cgi?id=1233260 * https://bugzilla.suse.com/show_bug.cgi?id=1233324 * https://bugzilla.suse.com/show_bug.cgi?id=1233328 * https://bugzilla.suse.com/show_bug.cgi?id=1233461 * https://bugzilla.suse.com/show_bug.cgi?id=1233467 * https://bugzilla.suse.com/show_bug.cgi?id=1233468 * https://bugzilla.suse.com/show_bug.cgi?id=1233469 * https://bugzilla.suse.com/show_bug.cgi?id=1233546 * https://bugzilla.suse.com/show_bug.cgi?id=1233558 * https://bugzilla.suse.com/show_bug.cgi?id=1233637 * https://bugzilla.suse.com/show_bug.cgi?id=1233642 * https://bugzilla.suse.com/show_bug.cgi?id=1233772 * https://bugzilla.suse.com/show_bug.cgi?id=1233837 * https://bugzilla.suse.com/show_bug.cgi?id=1234024 * https://bugzilla.suse.com/show_bug.cgi?id=1234069 * https://bugzilla.suse.com/show_bug.cgi?id=1234071 * https://bugzilla.suse.com/show_bug.cgi?id=1234073 * https://bugzilla.suse.com/show_bug.cgi?id=1234075 * https://bugzilla.suse.com/show_bug.cgi?id=1234076 * https://bugzilla.suse.com/show_bug.cgi?id=1234077 * https://bugzilla.suse.com/show_bug.cgi?id=1234079 * https://bugzilla.suse.com/show_bug.cgi?id=1234086 * https://bugzilla.suse.com/show_bug.cgi?id=1234139 * https://bugzilla.suse.com/show_bug.cgi?id=1234140 * https://bugzilla.suse.com/show_bug.cgi?id=1234141 * https://bugzilla.suse.com/show_bug.cgi?id=1234142 * https://bugzilla.suse.com/show_bug.cgi?id=1234143 * https://bugzilla.suse.com/show_bug.cgi?id=1234144 * https://bugzilla.suse.com/show_bug.cgi?id=1234145 * https://bugzilla.suse.com/show_bug.cgi?id=1234146 * https://bugzilla.suse.com/show_bug.cgi?id=1234147 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234148 * https://bugzilla.suse.com/show_bug.cgi?id=1234149 * https://bugzilla.suse.com/show_bug.cgi?id=1234150 * https://bugzilla.suse.com/show_bug.cgi?id=1234153 * https://bugzilla.suse.com/show_bug.cgi?id=1234155 * https://bugzilla.suse.com/show_bug.cgi?id=1234156 * https://bugzilla.suse.com/show_bug.cgi?id=1234158 * https://bugzilla.suse.com/show_bug.cgi?id=1234159 * https://bugzilla.suse.com/show_bug.cgi?id=1234160 * https://bugzilla.suse.com/show_bug.cgi?id=1234161 * https://bugzilla.suse.com/show_bug.cgi?id=1234162 * https://bugzilla.suse.com/show_bug.cgi?id=1234163 * https://bugzilla.suse.com/show_bug.cgi?id=1234164 * https://bugzilla.suse.com/show_bug.cgi?id=1234165 * https://bugzilla.suse.com/show_bug.cgi?id=1234166 * https://bugzilla.suse.com/show_bug.cgi?id=1234167 * https://bugzilla.suse.com/show_bug.cgi?id=1234168 * https://bugzilla.suse.com/show_bug.cgi?id=1234169 * https://bugzilla.suse.com/show_bug.cgi?id=1234170 * https://bugzilla.suse.com/show_bug.cgi?id=1234171 * https://bugzilla.suse.com/show_bug.cgi?id=1234172 * https://bugzilla.suse.com/show_bug.cgi?id=1234173 * https://bugzilla.suse.com/show_bug.cgi?id=1234174 * https://bugzilla.suse.com/show_bug.cgi?id=1234175 * https://bugzilla.suse.com/show_bug.cgi?id=1234176 * https://bugzilla.suse.com/show_bug.cgi?id=1234177 * https://bugzilla.suse.com/show_bug.cgi?id=1234178 * https://bugzilla.suse.com/show_bug.cgi?id=1234179 * https://bugzilla.suse.com/show_bug.cgi?id=1234180 * https://bugzilla.suse.com/show_bug.cgi?id=1234181 * https://bugzilla.suse.com/show_bug.cgi?id=1234182 * https://bugzilla.suse.com/show_bug.cgi?id=1234183 * https://bugzilla.suse.com/show_bug.cgi?id=1234184 * https://bugzilla.suse.com/show_bug.cgi?id=1234185 * https://bugzilla.suse.com/show_bug.cgi?id=1234186 * https://bugzilla.suse.com/show_bug.cgi?id=1234187 * https://bugzilla.suse.com/show_bug.cgi?id=1234188 * https://bugzilla.suse.com/show_bug.cgi?id=1234189 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234190 * https://bugzilla.suse.com/show_bug.cgi?id=1234191 * https://bugzilla.suse.com/show_bug.cgi?id=1234192 * https://bugzilla.suse.com/show_bug.cgi?id=1234193 * https://bugzilla.suse.com/show_bug.cgi?id=1234194 * https://bugzilla.suse.com/show_bug.cgi?id=1234195 * https://bugzilla.suse.com/show_bug.cgi?id=1234196 * https://bugzilla.suse.com/show_bug.cgi?id=1234197 * https://bugzilla.suse.com/show_bug.cgi?id=1234198 * https://bugzilla.suse.com/show_bug.cgi?id=1234199 * https://bugzilla.suse.com/show_bug.cgi?id=1234200 * https://bugzilla.suse.com/show_bug.cgi?id=1234201 * https://bugzilla.suse.com/show_bug.cgi?id=1234203 * https://bugzilla.suse.com/show_bug.cgi?id=1234204 * https://bugzilla.suse.com/show_bug.cgi?id=1234205 * https://bugzilla.suse.com/show_bug.cgi?id=1234207 * https://bugzilla.suse.com/show_bug.cgi?id=1234208 * https://bugzilla.suse.com/show_bug.cgi?id=1234209 * https://bugzilla.suse.com/show_bug.cgi?id=1234219 * https://bugzilla.suse.com/show_bug.cgi?id=1234220 * https://bugzilla.suse.com/show_bug.cgi?id=1234221 * https://bugzilla.suse.com/show_bug.cgi?id=1234237 * https://bugzilla.suse.com/show_bug.cgi?id=1234238 * https://bugzilla.suse.com/show_bug.cgi?id=1234239 * https://bugzilla.suse.com/show_bug.cgi?id=1234240 * https://bugzilla.suse.com/show_bug.cgi?id=1234241 * https://bugzilla.suse.com/show_bug.cgi?id=1234242 * https://bugzilla.suse.com/show_bug.cgi?id=1234243 * https://bugzilla.suse.com/show_bug.cgi?id=1234278 * https://bugzilla.suse.com/show_bug.cgi?id=1234279 * https://bugzilla.suse.com/show_bug.cgi?id=1234280 * https://bugzilla.suse.com/show_bug.cgi?id=1234281 * https://bugzilla.suse.com/show_bug.cgi?id=1234282 * https://bugzilla.suse.com/show_bug.cgi?id=1234294 * https://bugzilla.suse.com/show_bug.cgi?id=1234338 * https://bugzilla.suse.com/show_bug.cgi?id=1234357 * https://bugzilla.suse.com/show_bug.cgi?id=1234381 * https://bugzilla.suse.com/show_bug.cgi?id=1234454 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234464 * https://bugzilla.suse.com/show_bug.cgi?id=1234605 * https://bugzilla.suse.com/show_bug.cgi?id=1234651 * https://bugzilla.suse.com/show_bug.cgi?id=1234652 * https://bugzilla.suse.com/show_bug.cgi?id=1234654 * https://bugzilla.suse.com/show_bug.cgi?id=1234655 * https://bugzilla.suse.com/show_bug.cgi?id=1234657 * https://bugzilla.suse.com/show_bug.cgi?id=1234658 * https://bugzilla.suse.com/show_bug.cgi?id=1234659 * https://bugzilla.suse.com/show_bug.cgi?id=1234668 * https://bugzilla.suse.com/show_bug.cgi?id=1234690 * https://bugzilla.suse.com/show_bug.cgi?id=1234725 * https://bugzilla.suse.com/show_bug.cgi?id=1234726 * https://bugzilla.suse.com/show_bug.cgi?id=1234810 * https://bugzilla.suse.com/show_bug.cgi?id=1234811 * https://bugzilla.suse.com/show_bug.cgi?id=1234826 * https://bugzilla.suse.com/show_bug.cgi?id=1234827 * https://bugzilla.suse.com/show_bug.cgi?id=1234829 * https://bugzilla.suse.com/show_bug.cgi?id=1234832 * https://bugzilla.suse.com/show_bug.cgi?id=1234834 * https://bugzilla.suse.com/show_bug.cgi?id=1234843 * https://bugzilla.suse.com/show_bug.cgi?id=1234846 * https://bugzilla.suse.com/show_bug.cgi?id=1234848 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234855 * https://bugzilla.suse.com/show_bug.cgi?id=1234856 * https://bugzilla.suse.com/show_bug.cgi?id=1234884 * https://bugzilla.suse.com/show_bug.cgi?id=1234889 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234899 * https://bugzilla.suse.com/show_bug.cgi?id=1234900 * https://bugzilla.suse.com/show_bug.cgi?id=1234905 * https://bugzilla.suse.com/show_bug.cgi?id=1234907 * https://bugzilla.suse.com/show_bug.cgi?id=1234909 * https://bugzilla.suse.com/show_bug.cgi?id=1234911 * https://bugzilla.suse.com/show_bug.cgi?id=1234912 * https://bugzilla.suse.com/show_bug.cgi?id=1234916 * https://bugzilla.suse.com/show_bug.cgi?id=1234918 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234920 * https://bugzilla.suse.com/show_bug.cgi?id=1234921 * https://bugzilla.suse.com/show_bug.cgi?id=1234922 * https://bugzilla.suse.com/show_bug.cgi?id=1234929 * https://bugzilla.suse.com/show_bug.cgi?id=1234930 * https://bugzilla.suse.com/show_bug.cgi?id=1234937 * https://bugzilla.suse.com/show_bug.cgi?id=1234948 * https://bugzilla.suse.com/show_bug.cgi?id=1234950 * https://bugzilla.suse.com/show_bug.cgi?id=1234952 * https://bugzilla.suse.com/show_bug.cgi?id=1234960 * https://bugzilla.suse.com/show_bug.cgi?id=1234962 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1234968 * https://bugzilla.suse.com/show_bug.cgi?id=1234969 * https://bugzilla.suse.com/show_bug.cgi?id=1234970 * https://bugzilla.suse.com/show_bug.cgi?id=1234971 * https://bugzilla.suse.com/show_bug.cgi?id=1234973 * https://bugzilla.suse.com/show_bug.cgi?id=1234974 * https://bugzilla.suse.com/show_bug.cgi?id=1234989 * https://bugzilla.suse.com/show_bug.cgi?id=1234999 * https://bugzilla.suse.com/show_bug.cgi?id=1235002 * https://bugzilla.suse.com/show_bug.cgi?id=1235003 * https://bugzilla.suse.com/show_bug.cgi?id=1235004 * https://bugzilla.suse.com/show_bug.cgi?id=1235007 * https://bugzilla.suse.com/show_bug.cgi?id=1235009 * https://bugzilla.suse.com/show_bug.cgi?id=1235016 * https://bugzilla.suse.com/show_bug.cgi?id=1235019 * https://bugzilla.suse.com/show_bug.cgi?id=1235033 * https://bugzilla.suse.com/show_bug.cgi?id=1235045 * https://bugzilla.suse.com/show_bug.cgi?id=1235056 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235075 * https://bugzilla.suse.com/show_bug.cgi?id=1235108 * https://bugzilla.suse.com/show_bug.cgi?id=1235128 * https://bugzilla.suse.com/show_bug.cgi?id=1235134 * https://bugzilla.suse.com/show_bug.cgi?id=1235138 * https://bugzilla.suse.com/show_bug.cgi?id=1235246 * https://bugzilla.suse.com/show_bug.cgi?id=1235406 * 
https://bugzilla.suse.com/show_bug.cgi?id=1235409 * https://bugzilla.suse.com/show_bug.cgi?id=1235416 * https://bugzilla.suse.com/show_bug.cgi?id=1235507 * https://bugzilla.suse.com/show_bug.cgi?id=1235550 * https://jira.suse.com/browse/PED-10467

From null at suse.de Wed Jan 15 12:34:06 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 15 Jan 2025 12:34:06 -0000
Subject: SUSE-SU-2025:0116-1: important: Security update for git
Message-ID: <173694444623.18685.10603884531254793779@smelt2.prg2.suse.org>

# Security update for git

Announcement ID: SUSE-SU-2025:0116-1
Release Date: 2025-01-15T08:32:46Z
Rating: important

References:

* bsc#1235600
* bsc#1235601

Cross-References:

* CVE-2024-50349
* CVE-2024-52006

CVSS scores:

* CVE-2024-50349 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-52006 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* Basesystem Module 15-SP6
* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for git fixes the following issues:

* CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites (bsc#1235600).
* CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers (bsc#1235601).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-116=1 openSUSE-SLE-15.6-2025-116=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-116=1
* Development Tools Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-116=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * perl-Git-2.43.0-150600.3.9.1
  * gitk-2.43.0-150600.3.9.1
  * git-daemon-2.43.0-150600.3.9.1
  * git-credential-libsecret-2.43.0-150600.3.9.1
  * git-credential-libsecret-debuginfo-2.43.0-150600.3.9.1
  * git-core-debuginfo-2.43.0-150600.3.9.1
  * git-email-2.43.0-150600.3.9.1
  * git-debuginfo-2.43.0-150600.3.9.1
  * git-web-2.43.0-150600.3.9.1
  * git-gui-2.43.0-150600.3.9.1
  * git-2.43.0-150600.3.9.1
  * git-arch-2.43.0-150600.3.9.1
  * git-p4-2.43.0-150600.3.9.1
  * git-cvs-2.43.0-150600.3.9.1
  * git-core-2.43.0-150600.3.9.1
  * git-daemon-debuginfo-2.43.0-150600.3.9.1
  * git-svn-2.43.0-150600.3.9.1
  * git-debugsource-2.43.0-150600.3.9.1
* openSUSE Leap 15.6 (noarch)
  * git-doc-2.43.0-150600.3.9.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * git-core-debuginfo-2.43.0-150600.3.9.1
  * git-core-2.43.0-150600.3.9.1
  * git-debuginfo-2.43.0-150600.3.9.1
  * git-debugsource-2.43.0-150600.3.9.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * perl-Git-2.43.0-150600.3.9.1
  * gitk-2.43.0-150600.3.9.1
  * git-daemon-2.43.0-150600.3.9.1
  * git-email-2.43.0-150600.3.9.1
  * git-debuginfo-2.43.0-150600.3.9.1
  * git-web-2.43.0-150600.3.9.1
  * git-gui-2.43.0-150600.3.9.1
  * git-2.43.0-150600.3.9.1
  * git-arch-2.43.0-150600.3.9.1
  * git-cvs-2.43.0-150600.3.9.1
  * git-daemon-debuginfo-2.43.0-150600.3.9.1
  * git-svn-2.43.0-150600.3.9.1
  * git-debugsource-2.43.0-150600.3.9.1
* Development Tools Module 15-SP6 (noarch)
  * git-doc-2.43.0-150600.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2024-50349.html
* https://www.suse.com/security/cve/CVE-2024-52006.html
* https://bugzilla.suse.com/show_bug.cgi?id=1235600
* https://bugzilla.suse.com/show_bug.cgi?id=1235601

From null at suse.de Wed Jan 15 16:30:10 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 15 Jan 2025 16:30:10 -0000
Subject: SUSE-SU-2025:0132-1: important: Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)
Message-ID: <173695861014.20886.2449892368919281276@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0132-1
Release Date: 2025-01-15T14:03:55Z
Rating: important

References:

* bsc#1229553
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2022-48956
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_170 fixes several issues.

The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2025-132=1
* SUSE Linux Enterprise Live Patching 15-SP3
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-132=1

## Package List:

* openSUSE Leap 15.3 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP3_Update_47-debugsource-3-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_170-default-3-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-3-150300.7.6.1
* openSUSE Leap 15.3 (x86_64)
  * kernel-livepatch-5_3_18-150300_59_170-preempt-3-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo-3-150300.7.6.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP3_Update_47-debugsource-3-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_170-default-3-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-3-150300.7.6.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Wed Jan 15 16:30:25 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 15 Jan 2025 16:30:25 -0000
Subject: SUSE-SU-2025:0131-1: important: Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)
Message-ID: <173695862502.20886.12312515122819024700@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0131-1
Release Date: 2025-01-15T14:03:46Z
Rating: important

References:

* bsc#1223683
* bsc#1225309
* bsc#1225310
* bsc#1225311
* bsc#1225312
* bsc#1225733
* bsc#1225819
* bsc#1226325
* bsc#1227471
* bsc#1227651
* bsc#1228573
* bsc#1229553
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2021-47291
* CVE-2021-47598
* CVE-2022-48956
* CVE-2023-52752
* CVE-2024-26923
* CVE-2024-35861
* CVE-2024-35862
* CVE-2024-35864
* CVE-2024-35950
* CVE-2024-36904
* CVE-2024-36964
* CVE-2024-41059
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2021-47291 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47291 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves 14 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_164 fixes several issues.

The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651). * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-131=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-131=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_164-default-debuginfo-6-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_164-default-6-150300.7.6.1 * kernel-livepatch-SLE15-SP3_Update_45-debugsource-6-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo-6-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_164-preempt-6-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_164-default-6-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47291.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52752.html * 
https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1227651 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Wed Jan 15 16:30:31 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 16:30:31 -0000 Subject: SUSE-SU-2025:0121-2: important: Security update for rsync Message-ID: <173695863199.20886.3880217744201591925@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0121-2 Release Date: 2025-01-15T14:56:27Z Rating: important References: * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 Cross-References: * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 CVSS scores: * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves four
vulnerabilities can now be installed. ## Description: This update for rsync fixes the following issues: NOTE: This update was retracted due to a buggy security fix. A followup update will be provided. * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-121=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-121=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-121=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-121=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-121=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-121=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-121=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 
SP3 (ppc64le x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104
From null at suse.de Wed Jan 15 16:30:36 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 16:30:36 -0000 Subject: SUSE-SU-2025:0122-2: important: Security update for rsync Message-ID: <173695863640.20886.7102317195500186828@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0122-2 Release Date: 2025-01-15T14:55:54Z Rating: important References: * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 Cross-References: * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 CVSS scores: * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux
Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities can now be installed. ## Description: This update for rsync fixes the following issues: NOTE: This update was retracted as one of the fixes was broken. A new update will be issued. * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2025-122=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-122=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-122=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-122=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-122=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-122=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-122=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-122=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-122=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-122=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2025-122=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2025-122=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-122=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-122=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-122=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-122=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-122=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * rsync-3.2.3-150400.3.12.1 *
rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Manager Proxy 4.3 (x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * 
rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104
From null at suse.de Wed Jan 15 16:30:41 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 16:30:41 -0000 Subject: SUSE-SU-2025:0120-2: important: Security update for rsync Message-ID: <173695864103.20886.13533984836073885019@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0120-2 Release Date: 2025-01-15T14:51:52Z Rating: important References: * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 Cross-References: * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 CVSS scores: * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed.
## Description: This update for rsync fixes the following issues: NOTE: This update has been retracted due to a buggy security fix. A followup update will be provided. * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-120=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-120=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * rsync-debugsource-3.1.3-3.18.1 * rsync-debuginfo-3.1.3-3.18.1 * rsync-3.1.3-3.18.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * rsync-debugsource-3.1.3-3.18.1 * rsync-debuginfo-3.1.3-3.18.1 * rsync-3.1.3-3.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104
From null at suse.de Wed Jan 15 16:30:46 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 16:30:46 -0000 Subject: SUSE-SU-2025:0118-2: important: Security update for rsync Message-ID: <173695864614.20886.7048451389657117025@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0118-2 Release Date: 2025-01-15T14:40:31Z Rating: important References: * bsc#1234100 * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 Cross-References: * CVE-2024-12084 * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 CVSS scores: * CVE-2024-12084 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12084 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update
that solves five vulnerabilities can now be installed. ## Description: This update for rsync fixes the following issues: NOTE: This update is broken and was retracted. A new update will be published as a follow-up update. * CVE-2024-12084: heap buffer overflow in checksum parsing. (bsc#1234100) * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-118=1 SUSE-2025-118=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-118=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * rsync-debuginfo-3.2.7-150600.3.4.1 * rsync-debugsource-3.2.7-150600.3.4.1 * rsync-3.2.7-150600.3.4.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * rsync-debuginfo-3.2.7-150600.3.4.1 * rsync-debugsource-3.2.7-150600.3.4.1 * rsync-3.2.7-150600.3.4.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12084.html * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://bugzilla.suse.com/show_bug.cgi?id=1234100 * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 *
https://bugzilla.suse.com/show_bug.cgi?id=1234104
From null at suse.de Wed Jan 15 16:30:53 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 Jan 2025 16:30:53 -0000 Subject: SUSE-SU-2025:0130-1: important: Security update for dnsmasq Message-ID: <173695865399.20886.3525292322288475828@smelt2.prg2.suse.org> # Security update for dnsmasq Announcement ID: SUSE-SU-2025:0130-1 Release Date: 2025-01-15T13:26:55Z Rating: important References: * bsc#1200344 * bsc#1207174 * bsc#1214884 * bsc#1219823 * bsc#1219826 * bsc#1235517 Cross-References: * CVE-2023-50387 * CVE-2023-50868 CVSS scores: * CVE-2023-50387 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-50387 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-50868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities and has four security fixes can now be installed. ## Description: This update for dnsmasq fixes the following issues: * Version update to 2.90: * CVE-2023-50387: Fixed a Denial Of Service while trying to validate specially crafted DNSSEC responses. (bsc#1219823) * CVE-2023-50868: Fixed a Denial Of Service while trying to validate specially crafted DNSSEC responses. (bsc#1219826) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-130=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-130=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-130=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-130=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-130=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-130=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-130=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * dnsmasq-debugsource-2.90-150100.7.28.1 * dnsmasq-2.90-150100.7.28.1 * dnsmasq-debuginfo-2.90-150100.7.28.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * dnsmasq-debugsource-2.90-150100.7.28.1 * dnsmasq-2.90-150100.7.28.1 * dnsmasq-debuginfo-2.90-150100.7.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * dnsmasq-debugsource-2.90-150100.7.28.1 * dnsmasq-2.90-150100.7.28.1 * dnsmasq-debuginfo-2.90-150100.7.28.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * dnsmasq-debugsource-2.90-150100.7.28.1 * dnsmasq-2.90-150100.7.28.1 * dnsmasq-debuginfo-2.90-150100.7.28.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * dnsmasq-debugsource-2.90-150100.7.28.1 * dnsmasq-2.90-150100.7.28.1 * dnsmasq-debuginfo-2.90-150100.7.28.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * dnsmasq-debugsource-2.90-150100.7.28.1 * dnsmasq-2.90-150100.7.28.1 * dnsmasq-debuginfo-2.90-150100.7.28.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * dnsmasq-debugsource-2.90-150100.7.28.1 * dnsmasq-2.90-150100.7.28.1 * 
dnsmasq-debuginfo-2.90-150100.7.28.1 ## References: * https://www.suse.com/security/cve/CVE-2023-50387.html * https://www.suse.com/security/cve/CVE-2023-50868.html * https://bugzilla.suse.com/show_bug.cgi?id=1200344 * https://bugzilla.suse.com/show_bug.cgi?id=1207174 * https://bugzilla.suse.com/show_bug.cgi?id=1214884 * https://bugzilla.suse.com/show_bug.cgi?id=1219823 * https://bugzilla.suse.com/show_bug.cgi?id=1219826 * https://bugzilla.suse.com/show_bug.cgi?id=1235517
From null at suse.de Thu Jan 16 12:30:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 16 Jan 2025 12:30:21 -0000 Subject: SUSE-SU-2025:0138-1: important: Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5) Message-ID: <173703062145.29410.15474816539597620921@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0138-1 Release Date: 2025-01-16T10:35:20Z Rating: important References: * bsc#1223683 * bsc#1225099 * bsc#1225429 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1227471 * bsc#1228349 * bsc#1228573 * bsc#1228786 * bsc#1229273 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47517 * CVE-2021-47598 * CVE-2022-48956 * CVE-2023-52752 * CVE-2023-52846 * CVE-2024-26923 * CVE-2024-35949 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-40909 * CVE-2024-40954 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 14 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_68 fixes several issues.
The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool (bsc#1225429). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-138=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-138=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_15-debugsource-7-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-7-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_68-default-7-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_15-debugsource-7-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-7-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_68-default-7-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47517.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-40909.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225429 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228349 * 
https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 From null at suse.de Thu Jan 16 12:30:38 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 16 Jan 2025 12:30:38 -0000 Subject: SUSE-SU-2025:0137-1: important: Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3) Message-ID: <173703063887.29410.11618479930260366578@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0137-1 Release Date: 2025-01-16T10:35:10Z Rating: important References: * bsc#1210619 * bsc#1223363 * bsc#1223683 * bsc#1225013 * bsc#1225202 * bsc#1225211 * bsc#1225302 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225733 * bsc#1225819 * bsc#1226325 * bsc#1227471 * bsc#1227651 * bsc#1228573 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47291 * CVE-2021-47378 * CVE-2021-47383 * CVE-2021-47402 * CVE-2021-47598 * CVE-2022-48956 * CVE-2023-1829 * CVE-2023-52752 * CVE-2024-26828 * CVE-2024-26923 * CVE-2024-27398 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35950 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47291 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47291 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47378 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47402 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47402 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( 
SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves 20 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_161 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651). * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301) * CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). 
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-137=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-137=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1 * kernel-livepatch-SLE15-SP3_Update_44-debugsource-9-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_161-default-debuginfo-9-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo-9-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_161-preempt-9-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47291.html * https://www.suse.com/security/cve/CVE-2021-47378.html * https://www.suse.com/security/cve/CVE-2021-47383.html * https://www.suse.com/security/cve/CVE-2021-47402.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * 
https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225202 * https://bugzilla.suse.com/show_bug.cgi?id=1225211 * https://bugzilla.suse.com/show_bug.cgi?id=1225302 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1227651 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 
From null at suse.de Thu Jan 16 12:30:42 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 16 Jan 2025 12:30:42 -0000 Subject: SUSE-SU-2025:0136-1: important: Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP3) Message-ID: <173703064206.29410.13016973364954373883@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0136-1 Release Date: 2025-01-16T10:34:57Z Rating: important References: * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2022-48956 * CVE-2024-50264 CVSS scores: * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_144 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-136=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-136=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_144-default-15-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_39-debugsource-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-default-debuginfo-15-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_144-preempt-debuginfo-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-preempt-15-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_144-default-15-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 
From null at suse.de Thu Jan 16 12:30:45 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 16 Jan 2025 12:30:45 -0000 Subject: SUSE-SU-2025:0139-1: important: Security update for libQtWebKit4 Message-ID: <173703064558.29410.14359560387892045116@smelt2.prg2.suse.org> # Security update for libQtWebKit4 Announcement ID: SUSE-SU-2025:0139-1 Release Date: 2025-01-16T10:35:32Z Rating: important References: * bsc#1228693 Cross-References: * CVE-2024-40779 CVSS scores: * CVE-2024-40779 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40779 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libQtWebKit4 fixes the following issues: * CVE-2024-40779: Fixed heap buffer overflow in computeSampleUsingLinearInterpolation (bsc#1228693) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-139=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-139=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libQtWebKit-devel-4.8.7+2.3.4-4.10.1 * libQtWebKit4-4.8.7+2.3.4-4.10.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * libQtWebKit4-debugsource-4.8.7+2.3.4-4.10.1 * libQtWebKit4-debuginfo-4.8.7+2.3.4-4.10.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libQtWebKit4-32bit-4.8.7+2.3.4-4.10.1 * libQtWebKit4-debuginfo-32bit-4.8.7+2.3.4-4.10.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libQtWebKit-devel-4.8.7+2.3.4-4.10.1 * libQtWebKit4-4.8.7+2.3.4-4.10.1 * libQtWebKit4-debugsource-4.8.7+2.3.4-4.10.1 * libQtWebKit4-debuginfo-32bit-4.8.7+2.3.4-4.10.1 * libQtWebKit4-32bit-4.8.7+2.3.4-4.10.1 * libQtWebKit4-debuginfo-4.8.7+2.3.4-4.10.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40779.html * https://bugzilla.suse.com/show_bug.cgi?id=1228693 
From null at suse.de Thu Jan 16 16:30:24 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 16 Jan 2025 16:30:24 -0000 Subject: SUSE-SU-2025:0146-1: important: Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5) Message-ID: <173704502499.29714.11373491251223256493@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0146-1 Release Date: 2025-01-16T15:03:42Z Rating: important References: * bsc#1223363 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225311 * bsc#1225312 * bsc#1225429 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226325 * bsc#1226327 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229273 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47517 * CVE-2021-47598 * CVE-2022-48956 * CVE-2023-52752 * CVE-2023-52846 * CVE-2024-26828 * CVE-2024-26923 * CVE-2024-27398 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-35949 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-40954 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 22 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_62 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool (bsc#1225429). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). 
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-146=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-146=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_13-debugsource-8-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-8-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_62-default-8-150500.11.6.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_13-debugsource-8-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-8-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_62-default-8-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47517.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52752.html * 
https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225429 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * 
https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 From null at suse.de Thu Jan 16 16:30:34 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 16 Jan 2025 16:30:34 -0000 Subject: SUSE-SU-2025:0144-1: important: Security update for git Message-ID: <173704503475.29714.9359657440079049383@smelt2.prg2.suse.org> # Security update for git Announcement ID: SUSE-SU-2025:0144-1 Release Date: 2025-01-16T13:30:38Z Rating: important References: * bsc#1235600 * bsc#1235601 Cross-References: * CVE-2024-50349 * CVE-2024-52006 CVSS scores: * CVE-2024-50349 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-50349 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-52006 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-52006 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 
* SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for git fixes the following issues: * CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites (bsc#1235600). * CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers (bsc#1235601). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-144=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-144=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-144=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-144=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-144=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-144=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-144=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-144=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-144=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch 
SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-144=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-144=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-144=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-144=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-144=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-144=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-144=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-144=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-credential-libsecret-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-credential-libsecret-debuginfo-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-credential-gnome-keyring-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * git-p4-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * openSUSE Leap 15.3 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * 
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * 
git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * 
git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * 
git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Manager Proxy 4.3 (x86_64) * git-debuginfo-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * git-debuginfo-2.35.3-150300.10.48.1 * 
git-core-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * git-debuginfo-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Enterprise Storage 7.1 (noarch) * git-doc-2.35.3-150300.10.48.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50349.html * https://www.suse.com/security/cve/CVE-2024-52006.html * https://bugzilla.suse.com/show_bug.cgi?id=1235600 * https://bugzilla.suse.com/show_bug.cgi?id=1235601 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu Jan 16 16:30:39 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 16 Jan 2025 16:30:39 -0000 Subject: SUSE-SU-2025:0143-1: moderate: Security update for apache2-mod_jk Message-ID: <173704503912.29714.14036289903859850951@smelt2.prg2.suse.org> # Security update for apache2-mod_jk Announcement ID: SUSE-SU-2025:0143-1 Release Date: 2025-01-16T13:25:33Z Rating: moderate References: * bsc#1230916 Cross-References: * CVE-2024-46544 CVSS scores: * CVE-2024-46544 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46544 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-46544 ( NVD ): 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for apache2-mod_jk fixes the following issues: * Update to version 1.2.50: * CVE-2024-46544: Fixed incorrect default permissions vulnerability that could lead to information disclosure and/or denial of service. (bsc#1230916) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-143=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * apache2-mod_jk-debuginfo-1.2.50-7.12.1 * apache2-mod_jk-debugsource-1.2.50-7.12.1 * apache2-mod_jk-1.2.50-7.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46544.html * https://bugzilla.suse.com/show_bug.cgi?id=1230916 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu Jan 16 16:30:41 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 16 Jan 2025 16:30:41 -0000 Subject: SUSE-SU-2025:0142-1: moderate: Security update for xen Message-ID: <173704504187.29714.6419789133605740467@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2025:0142-1 Release Date: 2025-01-16T13:20:15Z Rating: moderate References: * bsc#1027519 * bsc#1234282 Cross-References: * CVE-2024-53241 CVSS scores: * CVE-2024-53241 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53241 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-53241: Xen hypercall page unsafe against speculative attacks (bsc#1234282). Bug fixes: * Update to Xen 4.18.4 security bug fix release (bsc#1027519) * x86: Prefer ACPI reboot over UEFI ResetSystem() run time service call * No other changes mentioned in upstream changelog, sources, or webpage ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-142=1 openSUSE-SLE-15.6-2025-142=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-142=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-142=1 ## Package List: * openSUSE Leap 15.6 (aarch64 x86_64 i586) * xen-tools-domU-4.18.4_02-150600.3.15.2 * xen-debugsource-4.18.4_02-150600.3.15.2 * xen-tools-domU-debuginfo-4.18.4_02-150600.3.15.2 * xen-libs-debuginfo-4.18.4_02-150600.3.15.2 * xen-devel-4.18.4_02-150600.3.15.2 * xen-libs-4.18.4_02-150600.3.15.2 * openSUSE Leap 15.6 (x86_64) * xen-libs-32bit-debuginfo-4.18.4_02-150600.3.15.2 * xen-libs-32bit-4.18.4_02-150600.3.15.2 * openSUSE Leap 15.6 (aarch64 x86_64) * xen-tools-debuginfo-4.18.4_02-150600.3.15.2 * xen-tools-4.18.4_02-150600.3.15.2 * xen-doc-html-4.18.4_02-150600.3.15.2 * xen-4.18.4_02-150600.3.15.2 * openSUSE Leap 15.6 (noarch) * xen-tools-xendomains-wait-disk-4.18.4_02-150600.3.15.2 * openSUSE Leap 15.6 (aarch64_ilp32) * xen-libs-64bit-4.18.4_02-150600.3.15.2 * xen-libs-64bit-debuginfo-4.18.4_02-150600.3.15.2 * Basesystem Module 15-SP6 (x86_64) * xen-tools-domU-4.18.4_02-150600.3.15.2 * xen-debugsource-4.18.4_02-150600.3.15.2 * xen-tools-domU-debuginfo-4.18.4_02-150600.3.15.2 * xen-libs-debuginfo-4.18.4_02-150600.3.15.2 * xen-libs-4.18.4_02-150600.3.15.2 * Server Applications Module 15-SP6 (x86_64) * xen-tools-debuginfo-4.18.4_02-150600.3.15.2 * xen-debugsource-4.18.4_02-150600.3.15.2 * xen-tools-4.18.4_02-150600.3.15.2 * xen-4.18.4_02-150600.3.15.2 * xen-devel-4.18.4_02-150600.3.15.2 * Server Applications Module 15-SP6 (noarch) * xen-tools-xendomains-wait-disk-4.18.4_02-150600.3.15.2 ## References: * https://www.suse.com/security/cve/CVE-2024-53241.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1234282 -------------- next part -------------- An HTML 
attachment was scrubbed... URL: From null at suse.de Thu Jan 16 20:30:29 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 16 Jan 2025 20:30:29 -0000 Subject: SUSE-SU-2025:0150-1: important: Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4) Message-ID: <173705942993.771.9592710535606984133@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0150-1 Release Date: 2025-01-16T17:33:50Z Rating: important References: * bsc#1220145 * bsc#1221302 * bsc#1222882 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223681 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225313 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226325 * bsc#1226327 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229553 * bsc#1231353 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47598 * CVE-2022-48651 * CVE-2022-48662 * CVE-2022-48956 * CVE-2023-52752 * CVE-2023-52846 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26766 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-35950 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-40954 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * 
CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 29 vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_116 fixes several issues. 
The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). 
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-150=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-150=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_25-debugsource-10-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-10-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_116-default-10-150400.9.8.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_25-debugsource-10-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-10-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_116-default-10-150400.9.8.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * 
https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1231353 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jan 16 20:30:36 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 16 Jan 2025 20:30:36 -0000 Subject: SUSE-SU-2025:0149-1: important: Security update for python-Django Message-ID: <173705943609.771.8372414527083651897@smelt2.prg2.suse.org> # Security update for python-Django Announcement ID: SUSE-SU-2025:0149-1 Release Date: 2025-01-16T17:03:46Z Rating: important References: * bsc#1235856 Cross-References: * CVE-2024-56374 CVSS scores: * CVE-2024-56374 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56374 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56374 ( NVD ): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. 
## Description: This update for python-Django fixes the following issues: * CVE-2024-56374: Fixed lack of upper bound limit enforcement in strings when performing IPv6 validation that could lead to denial of service (bsc#1235856) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-149=1 openSUSE-SLE-15.6-2025-149=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-149=1 ## Package List: * openSUSE Leap 15.6 (noarch) * python311-Django-4.2.11-150600.3.15.1 * SUSE Package Hub 15 15-SP6 (noarch) * python311-Django-4.2.11-150600.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56374.html * https://bugzilla.suse.com/show_bug.cgi?id=1235856 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jan 17 12:32:44 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 12:32:44 -0000 Subject: SUSE-SU-2025:0153-1: important: Security update for the Linux Kernel Message-ID: <173711716464.29714.1930310459257594970@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0153-1 Release Date: 2025-01-17T09:14:13Z Rating: important References: * bsc#1214954 * bsc#1216813 * bsc#1220773 * bsc#1224095 * bsc#1224726 * bsc#1225743 * bsc#1225820 * bsc#1227445 * bsc#1228526 * bsc#1229809 * bsc#1230205 * bsc#1230697 * bsc#1231854 * bsc#1231909 * bsc#1231963 * bsc#1232193 * bsc#1232198 * bsc#1232201 * bsc#1232418 * bsc#1232419 * bsc#1232420 * bsc#1232421 * bsc#1232436 * bsc#1233038 * bsc#1233070 * bsc#1233096 * bsc#1233200 * bsc#1233204 * bsc#1233239 * bsc#1233259 * bsc#1233260 * bsc#1233324 * bsc#1233328 * bsc#1233461 * bsc#1233467 * bsc#1233469 * bsc#1233546 * bsc#1233558 * bsc#1233637 * bsc#1233642 * bsc#1233772 * 
bsc#1233837 * bsc#1234024 * bsc#1234069 * bsc#1234071 * bsc#1234073 * bsc#1234075 * bsc#1234076 * bsc#1234077 * bsc#1234079 * bsc#1234086 * bsc#1234139 * bsc#1234140 * bsc#1234141 * bsc#1234142 * bsc#1234143 * bsc#1234144 * bsc#1234145 * bsc#1234146 * bsc#1234147 * bsc#1234148 * bsc#1234149 * bsc#1234150 * bsc#1234153 * bsc#1234155 * bsc#1234156 * bsc#1234158 * bsc#1234159 * bsc#1234160 * bsc#1234161 * bsc#1234162 * bsc#1234163 * bsc#1234164 * bsc#1234165 * bsc#1234166 * bsc#1234167 * bsc#1234168 * bsc#1234169 * bsc#1234170 * bsc#1234171 * bsc#1234172 * bsc#1234173 * bsc#1234174 * bsc#1234175 * bsc#1234176 * bsc#1234177 * bsc#1234178 * bsc#1234179 * bsc#1234180 * bsc#1234181 * bsc#1234182 * bsc#1234183 * bsc#1234184 * bsc#1234185 * bsc#1234186 * bsc#1234187 * bsc#1234188 * bsc#1234189 * bsc#1234190 * bsc#1234191 * bsc#1234192 * bsc#1234193 * bsc#1234194 * bsc#1234195 * bsc#1234196 * bsc#1234197 * bsc#1234198 * bsc#1234199 * bsc#1234200 * bsc#1234201 * bsc#1234203 * bsc#1234204 * bsc#1234205 * bsc#1234207 * bsc#1234208 * bsc#1234209 * bsc#1234219 * bsc#1234220 * bsc#1234221 * bsc#1234237 * bsc#1234238 * bsc#1234239 * bsc#1234240 * bsc#1234241 * bsc#1234242 * bsc#1234243 * bsc#1234278 * bsc#1234279 * bsc#1234280 * bsc#1234281 * bsc#1234282 * bsc#1234294 * bsc#1234338 * bsc#1234357 * bsc#1234381 * bsc#1234454 * bsc#1234464 * bsc#1234605 * bsc#1234651 * bsc#1234652 * bsc#1234654 * bsc#1234655 * bsc#1234657 * bsc#1234658 * bsc#1234659 * bsc#1234668 * bsc#1234690 * bsc#1234725 * bsc#1234726 * bsc#1234810 * bsc#1234811 * bsc#1234826 * bsc#1234827 * bsc#1234829 * bsc#1234832 * bsc#1234834 * bsc#1234843 * bsc#1234846 * bsc#1234848 * bsc#1234853 * bsc#1234855 * bsc#1234856 * bsc#1234884 * bsc#1234889 * bsc#1234891 * bsc#1234899 * bsc#1234900 * bsc#1234905 * bsc#1234907 * bsc#1234909 * bsc#1234911 * bsc#1234912 * bsc#1234916 * bsc#1234918 * bsc#1234920 * bsc#1234921 * bsc#1234922 * bsc#1234929 * bsc#1234930 * bsc#1234937 * bsc#1234948 * bsc#1234950 * bsc#1234952 * bsc#1234960 
* bsc#1234962 * bsc#1234963 * bsc#1234968 * bsc#1234969 * bsc#1234970 * bsc#1234971 * bsc#1234973 * bsc#1234974 * bsc#1234989 * bsc#1234999 * bsc#1235002 * bsc#1235003 * bsc#1235004 * bsc#1235007 * bsc#1235009 * bsc#1235016 * bsc#1235019 * bsc#1235033 * bsc#1235045 * bsc#1235056 * bsc#1235061 * bsc#1235075 * bsc#1235108 * bsc#1235128 * bsc#1235134 * bsc#1235138 * bsc#1235246 * bsc#1235406 * bsc#1235409 * bsc#1235416 * bsc#1235507 * bsc#1235550 * jsc#PED-10467 Cross-References: * CVE-2024-26924 * CVE-2024-27397 * CVE-2024-35839 * CVE-2024-36908 * CVE-2024-39480 * CVE-2024-41042 * CVE-2024-44934 * CVE-2024-44996 * CVE-2024-47678 * CVE-2024-49854 * CVE-2024-49884 * CVE-2024-49915 * CVE-2024-50016 * CVE-2024-50018 * CVE-2024-50039 * CVE-2024-50047 * CVE-2024-50143 * CVE-2024-50154 * CVE-2024-50202 * CVE-2024-50203 * CVE-2024-50211 * CVE-2024-50228 * CVE-2024-50256 * CVE-2024-50262 * CVE-2024-50272 * CVE-2024-50278 * CVE-2024-50280 * CVE-2024-53050 * CVE-2024-53064 * CVE-2024-53090 * CVE-2024-53099 * CVE-2024-53103 * CVE-2024-53105 * CVE-2024-53111 * CVE-2024-53113 * CVE-2024-53117 * CVE-2024-53118 * CVE-2024-53119 * CVE-2024-53120 * CVE-2024-53122 * CVE-2024-53125 * CVE-2024-53126 * CVE-2024-53127 * CVE-2024-53129 * CVE-2024-53130 * CVE-2024-53131 * CVE-2024-53133 * CVE-2024-53134 * CVE-2024-53136 * CVE-2024-53141 * CVE-2024-53142 * CVE-2024-53144 * CVE-2024-53146 * CVE-2024-53148 * CVE-2024-53150 * CVE-2024-53151 * CVE-2024-53154 * CVE-2024-53155 * CVE-2024-53156 * CVE-2024-53157 * CVE-2024-53158 * CVE-2024-53159 * CVE-2024-53160 * CVE-2024-53161 * CVE-2024-53162 * CVE-2024-53166 * CVE-2024-53169 * CVE-2024-53171 * CVE-2024-53173 * CVE-2024-53174 * CVE-2024-53179 * CVE-2024-53180 * CVE-2024-53188 * CVE-2024-53190 * CVE-2024-53191 * CVE-2024-53200 * CVE-2024-53201 * CVE-2024-53202 * CVE-2024-53206 * CVE-2024-53207 * CVE-2024-53208 * CVE-2024-53209 * CVE-2024-53210 * CVE-2024-53213 * CVE-2024-53214 * CVE-2024-53215 * CVE-2024-53216 * CVE-2024-53217 * CVE-2024-53222 * 
CVE-2024-53224 * CVE-2024-53229 * CVE-2024-53234 * CVE-2024-53237 * CVE-2024-53240 * CVE-2024-53241 * CVE-2024-56536 * CVE-2024-56539 * CVE-2024-56549 * CVE-2024-56551 * CVE-2024-56562 * CVE-2024-56566 * CVE-2024-56567 * CVE-2024-56576 * CVE-2024-56582 * CVE-2024-56599 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56645 * CVE-2024-56667 * CVE-2024-56752 * CVE-2024-56754 * CVE-2024-56755 * CVE-2024-56756 * CVE-2024-8805 CVSS scores: * CVE-2024-26924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26924 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27397 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36908 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-39480 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L * CVE-2024-39480 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44996 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44996 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47678 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47678 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-49854 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49854 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49854 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-49884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49915 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49915 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50018 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50039 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50039 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50047 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50143 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50143 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50143 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50203 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50203 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50203 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50211 
( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50211 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50228 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-50228 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-50228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50256 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50256 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50262 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50262 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50272 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50278 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2024-50278 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53050 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53099 ( SUSE ): 6.9 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53099 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-53099 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53103 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53105 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53111 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53111 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53111 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53113 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53117 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53118 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53119 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53122 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53125 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53127 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53129 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53129 ( NVD ): 
5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53131 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53133 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53133 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53134 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53134 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53136 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53141 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53141 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53141 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53142 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53148 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53148 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53150 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53150 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53151 ( SUSE ): 6.9 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53151 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53154 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53154 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53154 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53155 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53155 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53155 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53157 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53157 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-53159 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53159 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-53160 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53160 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53161 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53162 ( 
SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53169 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53169 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53171 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53171 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53171 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53174 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53174 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53179 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53179 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53180 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53180 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53188 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53190 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-53190 ( SUSE ): 
2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2024-53191 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53191 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53200 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53200 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53201 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53201 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53202 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53202 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-53202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53206 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53206 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53207 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53207 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53208 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53208 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53208 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53209 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53209 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53210 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53210 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53213 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53213 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53213 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53215 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53216 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53216 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53217 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53222 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53222 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53222 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53224 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53224 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53229 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53229 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53234 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53234 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53237 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53237 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53237 ( 
NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53241 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53241 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56536 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56536 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56536 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56549 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56549 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56549 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56551 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56551 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56551 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56562 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56562 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56566 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56566 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2024-56567 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56567 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56567 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56576 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56582 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * 
CVE-2024-56582 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56582 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56599 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56599 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56599 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56645 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56645 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56667 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56667 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56752 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56752 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56754 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56754 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-56754 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56755 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56755 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56755 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56756 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56756 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2024-56756 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Real Time Module 15-SP6

An update that solves 114 vulnerabilities, contains one feature and has 102 security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
* CVE-2024-27397: netfilter: nf_tables: use timestamp to check for set element timeout (bsc#1224095).
* CVE-2024-35839: kABI fix for netfilter: bridge: replace physindev with physinif in nf_bridge_info (bsc#1224726).
* CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
* CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809).
* CVE-2024-44996: vsock: fix recursive ->recvmsg calls (bsc#1230205).
* CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854).
* CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419).
* CVE-2024-50039: kABI: Restore deleted EXPORT_SYMBOL(__qdisc_calculate_pkt_len) (bsc#1231909).
* CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038).
* CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324).
* CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200).
* CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239).
* CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized delayed_work on cache_ctr error (bsc#1233467 bsc#1233469).
* CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).
* CVE-2024-53050: drm/i915/hdcp: Add encoder check in hdcp2_get_capability (bsc#1233546).
* CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464).
* CVE-2024-53090: afs: Fix lock recursion (bsc#1233637).
* CVE-2024-53099: bpf: Check validity of link->type in bpf_link_show_fdinfo() (bsc#1233772).
* CVE-2024-53105: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() (bsc#1234069).
* CVE-2024-53111: mm/mremap: fix address wraparound in move_page_tables() (bsc#1234086).
* CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077).
* CVE-2024-53117: virtio/vsock: Improve MSG_ZEROCOPY error handling (bsc#1234079).
* CVE-2024-53118: vsock: Fix sk_error_queue memory leak (bsc#1234071).
* CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073).
* CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076).
* CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
* CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219).
* CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220).
* CVE-2024-53133: drm/amd/display: Handle dml allocation failure to avoid crash (bsc#1234221)
* CVE-2024-53134: pmdomain: imx93-blk-ctrl: correct remove path (bsc#1234159).
* CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
* CVE-2024-53160: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu (bsc#1234810).
* CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856).
* CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
* CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
* CVE-2024-53216: nfsd: fix UAF when access ex_uuid or ex_stats (bsc#1235003).
* CVE-2024-53222: zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974).
* CVE-2024-53234: erofs: handle NONHEAD !delta[1] lclusters gracefully (bsc#1235045).
* CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
* CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282).
* CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912).
* CVE-2024-56566: mm/slub: Avoid list corruption when removing a slab from the full list (bsc#1235033).
* CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235128).
* CVE-2024-56599: wifi: ath10k: avoid NULL pointer error during sdio remove (bsc#1235138).
* CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
* CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920).

The following non-security bugs were fixed:

* 9p: v9fs_fid_find: also lookup by inode if not found dentry (git-fixes).
* ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294)
* ACPI: PRM: Add PRM handler direct call support (jsc#PED-10467).
* ACPI: resource: Fix memory resource type union access (git-fixes).
* ACPI: x86: Add skip i2c clients quirk for Acer Iconia One 8 A1-840 (stable-fixes).
* ACPI: x86: Clean up Asus entries in acpi_quirk_skip_dmi_ids[] (stable-fixes).
* ACPI: x86: Make UART skip quirks work on PCI UARTs without an UID (stable-fixes).
* ACPICA: events/evxfregn: do not release the ContextMutex that was never acquired (git-fixes).
* ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes).
* ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
* ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
* ALSA: hda/realtek: Fix headset mic on Acer Nitro 5 (stable-fixes).
* ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
* ALSA: line6: Fix racy access to midibuf (stable-fixes).
* ALSA: seq: Check UMP support for midi_version change (git-fixes).
* ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes).
* ALSA: seq: ump: Fix seq port updates per FB info notify (git-fixes).
* ALSA: seq: ump: Use automatic cleanup of kfree() (stable-fixes).
* ALSA: seq: ump: Use guard() for locking (stable-fixes).
* ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5 (stable-fixes).
* ALSA: usb-audio: Notify xrun for low-latency mode (git-fixes).
* ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
* ALSA: usb-audio: US16x08: Initialize array before use (git-fixes).
* ASoC: Intel: sof_sdw: add quirk for Dell SKU 0B8C (stable-fixes).
* ASoC: Intel: sof_sdw: fix jack detection on ADL-N variant RVP (stable-fixes).
* ASoC: SOF: Remove libraries from topology lookups (git-fixes).
* ASoC: amd: yc: Add a quirk for microfone on Lenovo ThinkPad P14s Gen 5 21MES00B00 (stable-fixes).
* ASoC: amd: yc: Add quirk for microphone on Lenovo Thinkpad T14s Gen 6 21M1CTO1WW (stable-fixes).
* ASoC: amd: yc: Fix the wrong return value (git-fixes).
* ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
* ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
* ASoC: amd: yc: fix internal mic on Redmi G 2022 (stable-fixes).
* ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
* ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
* ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
* ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
* ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
* ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
* ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
* ASoC: hdmi-codec: reorder channel allocation list (stable-fixes).
* ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
* ASoC: nau8822: Lower debug print priority (stable-fixes).
* Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}() (stable-fixes).
* Bluetooth: ISO: Reassociate a socket with an active BIS (stable-fixes).
* Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (stable-fixes).
* Bluetooth: MGMT: Fix possible deadlocks (git-fixes).
* Bluetooth: SCO: Add support for 16 bits transparent voice setting (git-fixes).
* Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device tables (stable-fixes).
* Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (stable-fixes).
* Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating (git-fixes).
* Bluetooth: iso: Fix recursive locking warning (git-fixes).
* Documentation: PM: Clarify pm_runtime_resume_and_get() return value (git-fixes).
* Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes).
* HID: magicmouse: Apple Magic Trackpad 2 USB-C driver support (stable-fixes).
* NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes).
* NFSD: Async COPY result needs to return a write verifier (git-fixes).
* NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir() (git-fixes).
* NFSD: Fix nfsd4_shutdown_copy() (git-fixes).
* NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes).
* NFSD: Prevent a potential integer overflow (git-fixes).
* NFSD: Remove a never-true comparison (git-fixes).
* NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point (git-fixes).
* NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes).
* Octeontx2-pf: Free send queue buffers incase of leaf to inner (git-fixes).
* PCI/AER: Disable AER service on suspend (stable-fixes).
* PCI/MSI: Handle lack of irqdomain gracefully (git-fixes).
* PCI: Add 'reset_subordinate' to reset hierarchy below bridge (stable-fixes).
* PCI: Add ACS quirk for Broadcom BCM5760X NIC (stable-fixes).
* PCI: Add ACS quirk for Wangxun FF5xxx NICs (stable-fixes).
* PCI: Add T_PERST_CLK_US macro (git-fixes).
* PCI: Detect and trust built-in Thunderbolt chips (stable-fixes).
* PCI: Fix use-after-free of slot->bus on hot remove (stable-fixes).
* PCI: Use preserve_config in place of pci_flags (stable-fixes).
* PCI: cadence: Extract link setup sequence from cdns_pcie_host_setup() (stable-fixes).
* PCI: cadence: Set cdns_pcie_host_init() global (stable-fixes).
* PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads (stable-fixes).
* PCI: j721e: Add PCIe 4x lane selection support (stable-fixes).
* PCI: j721e: Add per platform maximum lane settings (stable-fixes).
* PCI: j721e: Add reset GPIO to struct j721e_pcie (stable-fixes).
* PCI: j721e: Add suspend and resume support (git-fixes).
* PCI: j721e: Use T_PERST_CLK_US macro (git-fixes).
* PCI: qcom: Add support for IPQ9574 (stable-fixes).
* PCI: vmd: Add DID 8086:B06F and 8086:B60B for Intel client SKUs (stable-fixes).
* PCI: vmd: Set devices to D0 before enabling PM L1 Substates (stable-fixes).
* RAS/AMD/ATL: Translate normalized to system physical addresses using PRM (jsc#PED-10467).
* RDMA/bnxt_re: Add check for path mtu in modify_qp (git-fixes)
* RDMA/bnxt_re: Avoid initializing the software queue for user queues (git-fixes)
* RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (git-fixes)
* RDMA/bnxt_re: Disable use of reserved wqes (git-fixes)
* RDMA/bnxt_re: Fix max_qp_wrs reported (git-fixes)
* RDMA/bnxt_re: Fix reporting hw_ver in query_device (git-fixes)
* RDMA/bnxt_re: Fix the check for 9060 condition (git-fixes)
* RDMA/bnxt_re: Fix the locking while accessing the QP table (git-fixes)
* RDMA/bnxt_re: Remove always true dattr validity check (git-fixes)
* RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
* RDMA/hns: Fix accessing invalid dip_ctx during destroying QP (git-fixes)
* RDMA/hns: Fix mapping error of zero-hop WQE buffer (git-fixes)
* RDMA/hns: Fix missing flush CQE for DWQE (git-fixes)
* RDMA/hns: Fix warning storm caused by invalid input in IO path (git-fixes)
* RDMA/mlx5: Enforce same type port association for multiport RoCE (git-fixes)
* RDMA/rtrs: Ensure 'ib_sge list' is accessible (git-fixes)
* RDMA/uverbs: Prevent integer overflow issue (git-fixes)
* Revert "block/mq-deadline: use correct way to throttling write requests" (bsc#1234146).
* Revert "btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)"
* Revert "igb: Disable threaded IRQ for igb_msix_other" (git-fixes).
* Revert "unicode: Do not special case ignorable code points" (stable-fixes).
* SUNRPC: make sure cache entry active before cache_show (git-fixes).
* SUNRPC: timeout and cancel TLS handshake with -ETIMEDOUT (git-fixes).
* USB: serial: option: add MediaTek T7XX compositions (stable-fixes).
* USB: serial: option: add MeiG Smart SLM770A (stable-fixes).
* USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (stable-fixes).
* USB: serial: option: add TCL IK512 MBIM & ECM (stable-fixes).
* USB: serial: option: add Telit FE910C04 rmnet compositions (stable-fixes).
* accel/habanalabs/gaudi2: unsecure tpc count registers (stable-fixes).
* accel/habanalabs: export dma-buf only if size/offset multiples of PAGE_SIZE (stable-fixes).
* accel/habanalabs: fix debugfs files permissions (stable-fixes).
* accel/habanalabs: increase HL_MAX_STR to 64 bytes to avoid warnings (stable-fixes).
* acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (git-fixes).
* af_unix: Call manage_oob() for every skb in unix_stream_read_generic() (bsc#1234725).
* afs: Automatically generate trace tag enums (git-fixes).
* afs: Fix missing subdir edit when renamed between parent dirs (git-fixes).
* amdgpu/uvd: get ring reference from rq scheduler (git-fixes).
* arch: Introduce arch_{,try_}_cmpxchg128{,_local}() (bsc#1220773).
* arch: Remove cmpxchg_double (bsc#1220773).
* arch: consolidate arch_irq_work_raise prototypes (git-fixes).
* arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605)
* arm64: Force position-independent veneers (git-fixes).
* arm64: dts: imx8mp: correct sdhc ipg clk (git-fixes).
* autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes).
* batman-adv: Do not let TT changes list grows indefinitely (git-fixes).
* batman-adv: Do not send uninitialized TT changes (git-fixes).
* batman-adv: Remove uninitialized data in full table TT response (git-fixes).
* blk-cgroup: Fix UAF in blkcg_unpin_online() (bsc#1234726).
* blk-core: use pr_warn_ratelimited() in bio_check_ro() (bsc#1234139).
* blk-iocost: Fix an UBSAN shift-out-of-bounds warning (bsc#1234144).
* blk-iocost: do not WARN if iocg was already offlined (bsc#1234147).
* blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock required!" (bsc#1234140).
* block, bfq: choose the last bfqq from merge chain in bfq_setup_cooperator() (bsc#1234149).
* block, bfq: do not break merge chain in bfq_split_bfqq() (bsc#1234150).
* block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234160).
* block, bfq: fix procress reference leakage for bfqq in merge chain (bsc#1234280).
* block, bfq: fix uaf for accessing waker_bfqq after splitting (bsc#1234279).
* block/mq-deadline: Fix the tag reservation code (bsc#1234148).
* block: Call .limit_depth() after .hctx has been set (bsc#1234148).
* block: Fix where bio IO priority gets set (bsc#1234145).
* block: prevent an integer overflow in bvec_try_merge_hw_page (bsc#1234142).
* block: update the stable_writes flag in bdev_add (bsc#1234141).
* bnxt_en: Fix receive ring space parameters when XDP is active (git-fixes).
* bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (git-fixes).
* bnxt_en: Set backplane link modes correctly for ethtool (git-fixes).
* bpf, x86: Fix PROBE_MEM runtime load check (git-fixes).
* bpf: verifier: prevent userspace memory access (git-fixes).
* btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)
* can: gs_usb: add VID/PID for Xylanta SAINT3 product family (stable-fixes).
* can: j1939: fix error in J1939 documentation (stable-fixes).
* clocksource/drivers/timer-ti-dm: Fix child node refcount handling (git-fixes).
* clocksource/drivers:sp804: Make user selectable (git-fixes).
* counter: stm32-timer-cnt: Add check for clk_enable() (git-fixes).
* counter: ti-ecap-capture: Add check for clk_enable() (git-fixes).
* crypto: qat - disable IOV in adf_dev_stop() (git-fixes).
* crypto: x86/sha256 - Add parentheses around macros' single arguments (stable-fixes).
* cyrpto/b128ops: Remove struct u128 (bsc#1220773).
* devlink: Fix length of eswitch inline-mode (git-fixes).
* dma-buf: fix dma_fence_array_signaled v4 (stable-fixes).
* dma-debug: fix a possible deadlock on radix_lock (stable-fixes).
* dmaengine: apple-admac: Avoid accessing registers in probe (git-fixes).
* dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (git-fixes).
* dmaengine: dw: Select only supported masters for ACPI devices (git-fixes).
* dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357).
* dmaengine: mv_xor: fix child node refcount handling in early exit (git-fixes).
* dmaengine: tegra: Return correct DMA status when paused (git-fixes).
* driver core: Add FWLINK_FLAG_IGNORE to completely ignore a fwnode link (stable-fixes).
* driver core: fw_devlink: Improve logs for cycle detection (stable-fixes).
* driver core: fw_devlink: Stop trying to optimize cycle detection logic (git-fixes).
* drivers: net: ionic: add missed debugfs cleanup to ionic_probe() error path (git-fixes).
* drm/amd/display: Add HDR workaround for specific eDP (stable-fixes).
* drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw (stable-fixes).
* drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes).
* drm/amd/display: Avoid overflow assignment in link_dp_cts (stable-fixes).
* drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination (stable-fixes).
* drm/amd/display: Revert Avoid overflow assignment (stable-fixes).
* drm/amd/display: Use gpuvm_min_page_size_kbytes for DML2 surfaces (stable-fixes).
* drm/amd/pm: fix the high voltage issue after unload (stable-fixes).
* drm/amd/pm: update current_socclk and current_uclk in gpu_metrics on smu v13.0.7 (stable-fixes).
* drm/amdgpu/gfx10: use rlc safe mode for soft recovery (stable-fixes).
* drm/amdgpu/gfx11: use rlc safe mode for soft recovery (stable-fixes).
* drm/amdgpu/gfx9: properly handle error ints on all pipes (stable-fixes).
* drm/amdgpu/gfx9: use rlc safe mode for soft recovery (stable-fixes).
* drm/amdgpu/hdp5.2: do a posting read when flushing HDP (stable-fixes).
* drm/amdgpu/pm: Remove gpu_od if it's an empty directory (stable-fixes).
* drm/amdgpu/umsch: do not execute umsch test when GPU is in reset/suspend (stable-fixes).
* drm/amdgpu/umsch: reinitialize write pointer in hw init (stable-fixes).
* drm/amdgpu/vcn: reset fw_shared when VCPU buffers corrupted on vcn v4.0.3 (stable-fixes).
* drm/amdgpu: Block MMR_READ IOCTL in reset (stable-fixes).
* drm/amdgpu: Dereference the ATCS ACPI buffer (stable-fixes).
* drm/amdgpu: add raven1 gfxoff quirk (stable-fixes).
* drm/amdgpu: add smu 14.0.1 discovery support (stable-fixes).
* drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts for vega20_ih (stable-fixes).
* drm/amdgpu: differentiate external rev id for gfx 11.5.0 (stable-fixes).
* drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit (stable-fixes).
* drm/amdgpu: do not access invalid sched (git-fixes).
* drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes).
* drm/amdgpu: fix unchecked return value warning for amdgpu_gfx (stable-fixes).
* drm/amdgpu: fix usage slab after free (stable-fixes).
* drm/amdgpu: prevent BO_HANDLES error from being overwritten (git-fixes).
* drm/amdgpu: refine error handling in amdgpu_ttm_tt_pin_userptr (stable-fixes).
* drm/amdgpu: set the right AMDGPU sg segment limitation (stable-fixes).
* drm/amdgpu: skip amdgpu_device_cache_pci_state under sriov (stable-fixes).
* drm/amdkfd: Fix resource leak in criu restore queue (stable-fixes).
* drm/amdkfd: Use device based logging for errors (stable-fixes).
* drm/amdkfd: Use the correct wptr size (stable-fixes).
* drm/amdkfd: pause autosuspend when creating pdd (stable-fixes).
* drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes).
* drm/bridge: it6505: Enable module autoloading (stable-fixes).
* drm/bridge: it6505: Fix inverted reset polarity (git-fixes).
* drm/bridge: it6505: update usleep_range for RC circuit charge time (stable-fixes).
* drm/display: Fix building with GCC 15 (stable-fixes).
* drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes).
* drm/dp_mst: Fix MST sideband message body length check (stable-fixes).
* drm/dp_mst: Fix resetting msg rx state after topology removal (git-fixes).
* drm/dp_mst: Verify request type in the corresponding down message reply (stable-fixes).
* drm/etnaviv: flush shader L1 cache after user commandstream (stable-fixes).
* drm/i915/dg1: Fix power gate sequence (git-fixes).
* drm/i915: Fix NULL pointer dereference in capture_engine (git-fixes).
* drm/i915: Fix memory leak by correcting cache object name in error handler (git-fixes).
* drm/mcde: Enable module autoloading (stable-fixes).
* drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() (stable-fixes).
* drm/nouveau/gsp: Use the sg allocator for level 2 of radix3 (stable-fixes).
* drm/panel: novatek-nt35950: fix return value check in nt35950_probe() (git-fixes).
* drm/panel: simple: Add Microchip AC69T88A LVDS Display panel (stable-fixes).
* drm/printer: Allow NULL data in devcoredump printer (stable-fixes).
* drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() (stable-fixes).
* drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check() (stable-fixes).
* drm/radeon: Fix spurious unplug event on radeon HDMI (git-fixes).
* drm/radeon: add helper rdev_to_drm(rdev) (stable-fixes).
* drm/radeon: change rdev->ddev to rdev_to_drm(rdev) (stable-fixes).
* drm/sched: memset() 'job' in drm_sched_job_init() (stable-fixes).
* drm/vc4: hdmi: Avoid log spam for audio start failure (stable-fixes).
* drm/vc4: hvs: Set AXI panic modes for the HVS (stable-fixes).
* drm: adv7511: Drop dsi single lane support (git-fixes).
* drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes).
* drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model (stable-fixes).
* drm: panel-orientation-quirks: Add quirk for AYA NEO Founder edition (stable-fixes).
* drm: panel-orientation-quirks: Add quirk for AYA NEO GEEK (stable-fixes).
* drm: panel-orientation-quirks: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
* erofs: avoid debugging output for (de)compressed data (git-fixes).
* exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes).
* ext4: add a new helper to check if es must be kept (bsc#1234170).
* ext4: add correct group descriptors and reserved GDT blocks to system zone (bsc#1234164).
* ext4: add missed brelse in update_backups (bsc#1234171).
* ext4: allow for the last group to be marked as trimmed (bsc#1234278).
* ext4: avoid buffer_head leak in ext4_mark_inode_used() (bsc#1234191).
* ext4: avoid excessive credit estimate in ext4_tmpfile() (bsc#1234180).
* ext4: avoid negative min_clusters in find_group_orlov() (bsc#1234193).
* ext4: avoid overlapping preallocations due to overflow (bsc#1234162).
* ext4: avoid potential buffer_head leak in __ext4_new_inode() (bsc#1234192).
* ext4: avoid writing unitialized memory to disk in EA inodes (bsc#1234187).
* ext4: check the extent status again before inserting delalloc block (bsc#1234186).
* ext4: clear EXT4_GROUP_INFO_WAS_TRIMMED_BIT even mount with discard (bsc#1234190).
* ext4: convert to exclusive lock while inserting delalloc extents (bsc#1234178).
* ext4: correct best extent lstart adjustment logic (bsc#1234179).
* ext4: correct grp validation in ext4_mb_good_group (bsc#1234163).
* ext4: correct return value of ext4_convert_meta_bg (bsc#1234172).
* ext4: correct the hole length returned by ext4_map_blocks() (bsc#1234178).
* ext4: correct the start block of counting reserved clusters (bsc#1234169).
* ext4: do not let fstrim block system suspend (https://bugzilla.kernel.org/show_bug.cgi?id=216322 bsc#1234166).
* ext4: do not trim the group with corrupted block bitmap (bsc#1234177).
* ext4: factor out __es_alloc_extent() and __es_free_extent() (bsc#1234170).
* ext4: factor out a common helper to query extent map (bsc#1234186).
* ext4: fix inconsistent between segment fstrim and full fstrim (bsc#1234176).
* ext4: fix incorrect tid assumption in __jbd2_log_wait_for_space() (bsc#1234188).
* ext4: fix incorrect tid assumption in ext4_wait_for_tail_page_commit() (bsc#1234188).
* ext4: fix incorrect tid assumption in jbd2_journal_shrink_checkpoint_list() (bsc#1234188).
* ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} (bsc#1214954).
* ext4: fix potential unnitialized variable (bsc#1234183).
* ext4: fix race between writepages and remount (bsc#1234168).
* ext4: fix rec_len verify error (bsc#1234167).
* ext4: fix slab-use-after-free in ext4_es_insert_extent() (bsc#1234170).
* ext4: fix uninitialized variable in ext4_inlinedir_to_tree (bsc#1234185).
* ext4: forbid commit inconsistent quota data when errors=remount-ro (bsc#1234178).
* ext4: make ext4_es_insert_delayed_block() return void (bsc#1234170).
* ext4: make ext4_es_insert_extent() return void (bsc#1234170).
* ext4: make ext4_es_remove_extent() return void (bsc#1234170).
* ext4: make ext4_zeroout_es() return void (bsc#1234170).
* ext4: make sure allocate pending entry not fail (bsc#1234170).
* ext4: mark buffer new if it is unwritten to avoid stale data exposure (bsc#1234175).
* ext4: move 'ix' sanity check to corrent position (bsc#1234174).
* ext4: move setting of trimmed bit into ext4_try_to_trim_range() (bsc#1234165).
* ext4: nested locking for xattr inode (bsc#1234189).
* ext4: propagate errors from ext4_find_extent() in ext4_insert_range() (bsc#1234194).
* ext4: refactor ext4_da_map_blocks() (bsc#1234178).
* ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks (bsc#1234173).
* ext4: remove the redundant folio_wait_stable() (bsc#1234184).
* ext4: set the type of max_zeroout to unsigned int to avoid overflow (bsc#1234182).
* ext4: set type of ac_groups_linear_remaining to __u32 to avoid overflow (bsc#1234181).
* ext4: use pre-allocated es in __es_insert_extent() (bsc#1234170).
* ext4: use pre-allocated es in __es_remove_extent() (bsc#1234170).
* ext4: using nofail preallocation in ext4_es_insert_delayed_block() (bsc#1234170).
* ext4: using nofail preallocation in ext4_es_insert_extent() (bsc#1234170).
* ext4: using nofail preallocation in ext4_es_remove_extent() (bsc#1234170).
* filemap: Fix bounds checking in filemap_read() (bsc#1234209).
* filemap: add a per-mapping stable writes flag (bsc#1234141).
* firmware: arm_scmi: Reject clear channel request on A2P (stable-fixes).
* fs-writeback: do not requeue a clean inode having skipped pages (bsc#1234200).
* fs/writeback: bail out if there is no more inodes for IO and queued once (bsc#1234207).
* fsnotify: fix sending inotify event with unexpected filename (bsc#1234198).
* genirq/cpuhotplug: Retry with cpu_online_mask when migration fails (git-fixes).
* genirq/cpuhotplug: Skip suspended interrupts when restoring affinity (git-fixes).
* genirq/irqdesc: Honor caller provided affinity in alloc_desc() (git-fixes).
* gpio: grgpio: Add NULL check in grgpio_probe (git-fixes).
* gpio: grgpio: use a helper variable to store the address of ofdev->dev (stable-fixes).
* hfsplus: do not query the device logical block size multiple times (git-fixes).
* hvc/xen: fix console unplug (git-fixes).
* hvc/xen: fix error path in xen_hvc_init() to always register frontend driver (git-fixes).
* hvc/xen: fix event channel handling for secondary consoles (git-fixes).
* hwmon: (nct6775) Add 665-ACE/600M-CL to ASUS WMI monitoring list (stable-fixes).
* hwmon: (pmbus/core) clear faults after setting smbalert mask (git-fixes).
* hwmon: (pmbus_core) Allow to hook PMBUS_SMBALERT_MASK (stable-fixes).
* hwmon: (tmp513) Do not use "proxy" headers (stable-fixes).
* hwmon: (tmp513) Fix Current Register value interpretation (git-fixes).
* hwmon: (tmp513) Fix interpretation of values of Shunt Voltage and Limit Registers (git-fixes).
* hwmon: (tmp513) Fix interpretation of values of Temperature Result and Limit Registers (git-fixes).
* hwmon: (tmp513) Simplify with dev_err_probe() (stable-fixes).
* hwmon: (tmp513) Use SI constants from units.h (stable-fixes).
* i2c: imx: add imx7d compatible string for applying erratum ERR007805 (git-fixes).
* i2c: microchip-core: actually use repeated sends (git-fixes).
* i2c: microchip-core: fix "ghost" detections (git-fixes).
* i2c: pnx: Fix timeout in wait functions (git-fixes).
* i2c: riic: Always round-up when calculating bus period (git-fixes).
* i40e: Fix handling changed priv flags (git-fixes).
* i915/guc: Accumulate active runtime on gt reset (git-fixes).
* i915/guc: Ensure busyness counter increases motonically (git-fixes).
* i915/guc: Reset engine utilization buffer before registration (git-fixes).
* ice: Unbind the workqueue (bsc#1234989)
* ice: change q_index variable type to s16 to store -1 value (git-fixes).
* ice: consistently use q_idx in ice_vc_cfg_qs_msg() (git-fixes).
* ice: fix PHY Clock Recovery availability check (git-fixes).
* idpf: add support for SW triggered interrupts (bsc#1235507).
* idpf: enable WB_ON_ITR (bsc#1235507).
* idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507).
* igb: Fix potential invalid memory access in igb_init_module() (git-fixes).
* iio: magnetometer: yas530: use signed integer type for clamp limits (git-fixes).
* instrumentation: Wire up cmpxchg128() (bsc#1220773).
* io_uring/rw: avoid punting to io-wq directly (git-fixes).
* io_uring/tctx: work around xa_store() allocation error issue (git-fixes).
* io_uring: Fix registered ring file refcount leak (git-fixes).
* io_uring: always lock __io_cqring_overflow_flush (git-fixes).
* io_uring: check if iowq is killed before queuing (git-fixes).
* iommu/io-pgtable-arm: Fix stage-2 map/unmap for concatenated tables (git-fixes).
* irqflags: Explicitly ignore lockdep_hrtimer_exit() argument (git-fixes).
* isofs: handle CDs with bad root inode but good Joliet root directory (bsc#1234199).
* ixgbe: downgrade logging of unsupported VF API version to debug (git-fixes).
* ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (git-fixes).
* jffs2: Fix rtime decompressor (git-fixes).
* jffs2: Prevent rtime decompress memory corruption (git-fixes).
* jffs2: fix use of uninitialized variable (git-fixes).
* jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes).
* jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes).
* jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes).
* jfs: fix shift-out-of-bounds in dbSplit (git-fixes).
* jfs: xattr: check invalid xattr size more strictly (git-fixes).
* kABI workaround for struct drm_dp_mst_topology_mgr (git-fixes).
* kabi/severities: make vcap_find_actionfield PASS (bsc#1220773)
* kasan: make report_lock a raw spinlock (git-fixes).
* kdb: Fix buffer overflow during tab-complete (bsc#1234652).
* kdb: Fix console handling when editing and tab-completing commands (bsc#1234655).
* kdb: Merge identical case statements in kdb_read() (bsc#1234657).
* kdb: Use format-specifiers rather than memset() for padding in kdb_read() (bsc#1234658).
* kdb: Use format-strings rather than '\0' injection in kdb_read() (bsc#1234654).
* kdb: Use the passed prompt in kdb_position_cursor() (bsc#1234654).
* kdb: address -Wformat-security warnings (bsc#1234659).
* kgdb: Flush console before entering kgdb on panic (bsc#1234651).
* leds: class: Protect brightness_show() with led_cdev->led_access mutex (stable-fixes).
* linux/dmaengine.h: fix a few kernel-doc warnings (git-fixes).
* locking/atomic/x86: Correct the definition of __arch_try_cmpxchg128() (bsc#1220773 git-fix).
* loop: fix the the direct I/O support check when used on top of block devices (bsc#1234143).
* mac80211: fix user-power when emulating chanctx (stable-fixes).
* media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108 (stable-fixes).
* media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (git-fixes).
* media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera (stable-fixes).
* media: uvcvideo: RealSense D421 Depth module metadata (stable-fixes).
* mfd: da9052-spi: Change read-mask to write-mask (git-fixes).
* mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices (git-fixes).
* mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device (git-fixes).
* mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device (git-fixes).
* mm/filemap: avoid buffered read/write race to read inconsistent data (bsc#1234204).
* mm/readahead: do not allow order-1 folio (bsc#1234205).
* mm/readahead: limit page cache size in page_cache_ra_order() (bsc#1234208).
* mmc: core: Add SD card quirk for broken poweroff notification (stable-fixes).
* mmc: mtk-sd: Fix MMC_CAP2_CRYPTO flag setting (git-fixes).
* mmc: mtk-sd: fix devm_clk_get_optional usage (stable-fixes).
* mmc: sdhci-esdhc-imx: enable quirks SDHCI_QUIRK_NO_LED (stable-fixes).
* mmc: sdhci-pci: Add DMI quirk for missing CD GPIO on Vexia Edu Atla 10 tablet (stable-fixes).
* mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (git-fixes).
* mtd: diskonchip: Cast an operand to prevent potential overflow (git-fixes).
* mtd: hyperbus: rpc-if: Add missing MODULE_DEVICE_TABLE (git-fixes).
* mtd: hyperbus: rpc-if: Convert to platform remove callback returning void (stable-fixes).
* mtd: rawnand: arasan: Fix double assertion of chip-select (git-fixes).
* mtd: rawnand: arasan: Fix missing de-registration of NAND (git-fixes).
* mtd: rawnand: fix double free in atmel_pmecc_create_user() (git-fixes).
* net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (git-fixes).
* net/ipv6: release expired exception dst cached in socket (bsc#1216813).
* net/mlx5e: CT: Fix null-ptr-deref in add rule err flow (git-fixes).
* net/mlx5e: Remove workaround to avoid syndrome for internal port (git-fixes).
* net/mlx5e: clear xdp features on non-uplink representors (git-fixes).
* net/qed: allow old cards not supporting "num_images" to work (git-fixes).
* net: Return error from sk_stream_wait_connect() if sk_wait_event() fails (git-fixes).
* net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246).
* net: usb: qmi_wwan: add Quectel RG650V (stable-fixes).
* nfs: ignore SB_RDONLY when mounting nfs (git-fixes).
* nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (git-fixes).
* nfsd: make sure exp active before svc_export_show (git-fixes).
* nfsd: release svc_expkey/svc_export with rcu_work (git-fixes).
* nfsd: restore callback functionality for NFSv4.0 (git-fixes).
* nilfs2: fix buffer head leaks in calls to truncate_inode_pages() (git-fixes).
* nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes).
* nilfs2: prevent use of deleted inode (git-fixes).
* nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes).
* nvme-rdma: unquiesce admin_q before destroy it (git-fixes).
* nvme-tcp: fix the memleak while create new ctrl failed (git-fixes).
* nvme/multipath: Fix RCU list traversal to use SRCU primitive (git-fixes).
* nvme: apple: fix device reference counting (git-fixes).
* nvme: fix metadata handling in nvme-passthrough (git-fixes).
* nvmet-loop: avoid using mutex in IO hotpath (git-fixes).
* ocfs2: fix uninitialized value in ocfs2_file_read_iter() (git-fixes).
* ocfs2: free inode when ocfs2_get_init_inode() fails (git-fixes).
* of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() (git-fixes).
* of: Fix error path in of_parse_phandle_with_args_map() (git-fixes).
* of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (git-fixes).
* of: address: Report error on resource bounds overflow (stable-fixes).
* parisc: Raise minimal GCC version (bsc#1220773).
* parisc: Raise minimal GCC version to 12.0.0 (bsc#1220773 git-fix).
* percpu: Add {raw,this}_cpu_try_cmpxchg() (bsc#1220773).
* percpu: Fix self-assignment of __old in raw_cpu_generic_try_cmpxchg() (bsc#1220773 git-fix).
* percpu: Wire up cmpxchg128 (bsc#1220773).
* phy: core: Fix an OF node refcount leakage in _of_phy_get() (git-fixes).
* phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (git-fixes).
* phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (git-fixes).
* phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (git-fixes).
* phy: core: Fix that API devm_phy_put() fails to release the phy (git-fixes).
* phy: qcom-qmp: Fix register name in RX Lane config of SC8280XP (git-fixes).
* phy: rockchip: naneng-combphy: fix phy reset (git-fixes).
* phy: usb: Toggle the PHY power during init (git-fixes).
* pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes).
* pinctrl: qcom-pmic-gpio: add support for PM8937 (stable-fixes).
* pinctrl: qcom: spmi-mpp: Add PM8937 compatible (stable-fixes).
* pinmux: Use sequential access to access desc->pinmux data (stable-fixes).
* platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
* platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes).
* platform/x86: dell-smbios-base: Extends support to Alienware products (stable-fixes).
* platform/x86: dell-wmi-base: Handle META key Lock/Unlock events (stable-fixes).
* platform/x86: thinkpad_acpi: Fix for ThinkPad's with ECFW showing incorrect fan speed (stable-fixes).
* power: supply: gpio-charger: Fix set charge current limits (git-fixes).
* powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108).
* proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes).
* quota: Fix rcu annotations of inode dquot pointers (bsc#1234197).
* quota: explicitly forbid quota files from being encrypted (bsc#1234196).
* quota: flush quota_release_work upon quota writeback (bsc#1234195).
* quota: simplify drop_dquot_ref() (bsc#1234197).
* readahead: use ilog2 instead of a while loop in page_cache_ra_order() (bsc#1234208).
* regmap: Use correct format specifier for logging range errors (stable-fixes).
* regulator: rk808: Add apply_bit for BUCK3 on RK809 (stable-fixes).
* rtc: cmos: avoid taking rtc_lock for extended period of time (stable-fixes).
* s390/cio: Do not unregister the subchannel based on DNV (git-fixes).
* s390/cpum_sf: Convert to cmpxchg128() (bsc#1220773).
* s390/cpum_sf: Handle CPU hotplug remove during sampling (git-fixes).
* s390/cpum_sf: Remove WARN_ON_ONCE statements (git-fixes).
* s390/facility: Disable compile time optimization for decompressor code (git-fixes).
* s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (git-fixes).
* s390/pageattr: Implement missing kernel_page_present() (git-fixes).
* scatterlist: fix incorrect func name in kernel-doc (git-fixes).
* sched/numa: fix memory leak due to the overwritten vma->numab_state (git fixes (sched/numa)).
* scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409).
* scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409).
* scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409).
* scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409).
* scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409).
* scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409).
* scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409).
* scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409).
* scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409).
* scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409).
* scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406).
* scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406).
* scsi: qla2xxx: Fix use after free on unload (bsc#1235406).
* scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406).
* scsi: qla2xxx: Remove the unused 'del_list_entry' field in struct fc_port (bsc#1235406).
* scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406).
* scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406).
* scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes).
* selftests/bpf: Test PROBE_MEM of VSYSCALL_ADDR on x86-64 (git-fixes).
* serial: 8250_dw: Add Sophgo SG2044 quirk (stable-fixes).
* serial: 8250_dw: Do not use struct dw8250_data outside of 8250_dw (git-fixes).
* serial: 8250_dw: Replace ACPI device check by a quirk (git-fixes).
* serial: 8250_fintek: Add support for F81216E (stable-fixes).
* serial: Do not hold the port lock when setting rx-during-tx GPIO (git-fixes).
* serial: amba-pl011: Fix RX stall when DMA is used (git-fixes).
* serial: amba-pl011: Use port lock wrappers (stable-fixes).
* serial: amba-pl011: fix build regression (git-fixes).
* serial: do not use uninitialized value in uart_poll_init() (git-fixes).
* serial: imx: only set receiver level if it is zero (git-fixes).
* serial: imx: set receiver level before starting uart (git-fixes).
* serial: qcom-geni: Do not cancel/abort if we can't get the port lock (git-fixes).
* serial: qcom-geni: disable interrupts during console writes (git-fixes).
* serial: qcom-geni: fix arg types for qcom_geni_serial_poll_bit() (git-fixes).
* serial: qcom-geni: fix console corruption (git-fixes).
* serial: qcom-geni: fix dma rx cancellation (git-fixes).
* serial: qcom-geni: fix false console tx restart (git-fixes).
* serial: qcom-geni: fix fifo polling timeout (git-fixes).
* serial: qcom-geni: fix hard lockup on buffer flush (git-fixes).
* serial: qcom-geni: fix polled console corruption (git-fixes).
* serial: qcom-geni: fix polled console initialisation (git-fixes).
* serial: qcom-geni: fix receiver enable (git-fixes).
* serial: qcom-geni: fix shutdown race (git-fixes).
* serial: qcom-geni: fix soft lockup on sw flow control and suspend (git-fixes).
* serial: qcom-geni: introduce qcom_geni_serial_poll_bitfield() (git-fixes).
* serial: qcom-geni: revert broken hibernation support (git-fixes).
* serial: stm32: Return IRQ_NONE in the ISR if no handling happend (git-fixes).
* serial: stm32: do not always set SER_RS485_RX_DURING_TX if RS485 is enabled (git-fixes).
* slub: Replace cmpxchg_double() (bsc#1220773).
* slub: Replace cmpxchg_double() - KABI fix (bsc#1220773).
* smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: fix issue described in bsc#1233642]
* soc/fsl: cpm: qmc: Convert to platform remove callback returning void (stable-fixes).
* soc: fsl: cpm1: qmc: Fix blank line and spaces (stable-fixes).
* soc: fsl: cpm1: qmc: Introduce qmc_init_resource() and its CPM1 version (stable-fixes).
* soc: fsl: cpm1: qmc: Introduce qmc_{init,exit}_xcc() and their CPM1 version (stable-fixes).
* soc: fsl: cpm1: qmc: Re-order probe() operations (stable-fixes).
* soc: fsl: cpm1: qmc: Set the ret error code on platform_get_irq() failure (git-fixes).
* soc: imx8m: Probe the SoC driver as platform driver (stable-fixes).
* soc: qcom: Add check devm_kasprintf() returned value (stable-fixes).
* soc: qcom: geni-se: Add M_TX_FIFO_NOT_EMPTY bit definition (git-fixes).
* soc: qcom: geni-se: add GP_LENGTH/IRQ_EN_SET/IRQ_EN_CLEAR registers (git-fixes).
* soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() (git-fixes).
* spi: aspeed: Fix an error handling path in aspeed_spi_[read|write]_user() (git-fixes).
* sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (git-fixes).
* sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (git-fixes).
* sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() (git-fixes).
* svcrdma: Address an integer overflow (git-fixes).
* svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes).
* swiotlb: Enforce page alignment in swiotlb_alloc() (git-fixes).
* swiotlb: Reinstate page-alignment for mappings >= PAGE_SIZE (git-fixes).
* thermal/drivers/qcom/tsens-v1: Add support for MSM8937 tsens (stable-fixes).
* tools: hv: change permissions of NetworkManager configuration file (git-fixes).
* tpm/eventlog: Limit memory allocations for event logs with excessive size (bsc#1233260 bsc#1233259 bsc#1232421).
* tpm_tis_spi: Release chip select when flow control fails (bsc#1234338)
* tty: serial: kgdboc: Fix 8250_* kgdb over serial (git-fixes).
* types: Introduce [us]128 (bsc#1220773).
* ubifs: Correct the total block count by deducting journal reservation (git-fixes).
* ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes).
* udf: Fix lock ordering in udf_evict_inode() (bsc#1234238).
* udf: fix uninit-value use in udf_get_fileshortad (bsc#1234243).
* udf: prevent integer overflow in udf_bitmap_free_blocks() (bsc#1234239).
* udf: refactor inode_bmap() to handle error (bsc#1234242).
* udf: refactor udf_current_aext() to handle error (bsc#1234240).
* udf: refactor udf_next_aext() to handle error (bsc#1234241).
* udf: udftime: prevent overflow in udf_disk_stamp_to_time() (bsc#1234237).
* usb: add support for new USB device ID 0x17EF:0x3098 for the r8152 driver (stable-fixes).
* usb: cdns3-ti: Add workaround for Errata i2409 (stable-fixes).
* usb: cdns3: Add quirk flag to enable suspend residency (stable-fixes).
* usb: chipidea: udc: handle USB Error Interrupt if IOC not set (stable-fixes).
* usb: dwc2: Fix HCD port connection race (git-fixes).
* usb: dwc2: Fix HCD resume (git-fixes).
* usb: dwc2: gadget: Do not write invalid mapped sg entries into dma_desc with iommu enabled (stable-fixes).
* usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature (git-fixes).
* usb: dwc3: ep0: Do not clear ep0 DWC3_EP_TRANSFER_STARTED (git-fixes).
* usb: dwc3: ep0: Do not reset resource alloc flag (git-fixes).
* usb: dwc3: ep0: Do not reset resource alloc flag (including ep0) (git-fixes).
* usb: dwc3: gadget: Rewrite endpoint allocation flow (stable-fixes).
* usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode (git-fixes).
* usb: ehci-hcd: fix call balance of clocks handling routines (git-fixes).
* usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer (git-fixes).
* usb: host: max3421-hcd: Correctly abort a USB request (git-fixes).
* usb: typec: anx7411: fix OF node reference leaks in anx7411_typec_switch_probe() (git-fixes).
* usb: typec: anx7411: fix fwnode_handle reference leak (git-fixes).
* usb: typec: use cleanup facility for 'altmodes_node' (stable-fixes).
* vDPA/ifcvf: Fix pci_read_config_byte() return code handling (git-fixes).
* vdpa/mlx5: Fix PA offset with unaligned starting iotlb map (git-fixes).
* vdpa/mlx5: Fix suboptimal range on iotlb iteration (git-fixes).
* vdpa: solidrun: Fix UB bug with devres (git-fixes).
* vfs: fix readahead(2) on block devices (bsc#1234201).
* wifi: ath5k: add PCI ID for Arcadyan devices (git-fixes).
* wifi: ath5k: add PCI ID for SX76X (git-fixes).
* wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (stable-fixes).
* wifi: cfg80211: sme: init n_channels before channels[] access (git-fixes).
* wifi: cw1200: Fix potential NULL dereference (git-fixes).
* wifi: ipw2x00: libipw_rx_any(): fix bad alignment (stable-fixes).
* wifi: iwlwifi: mvm: Use the sync timepoint API in suspend (stable-fixes).
* wifi: mac80211: clean up 'ret' in sta_link_apply_parameters() (stable-fixes).
* wifi: mac80211: fix station NSS capability initialization order (git-fixes).
* wifi: mac80211: init cnt before accessing elem in ieee80211_copy_mbssid_beacon (git-fixes).
* wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one (git-fixes).
* wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures (stable-fixes).
* wifi: rtw89: check return value of ieee80211_probereq_get() for RNR (stable-fixes).
* workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416).
* writeback, cgroup: switch inodes with dirty timestamps to release dying cgwbs (bsc#1234203).
* x86,amd_iommu: Replace cmpxchg_double() (bsc#1220773).
* x86,intel_iommu: Replace cmpxchg_double() (bsc#1220773).
* x86/hyperv: Fix hv tsc page based sched_clock for hibernation (git-fixes).
* xfs: do not allocate COW extents when unsharing a hole (git-fixes).
* xfs: fix sb_spino_align checks for large fsblock sizes (git-fixes).
* xfs: remove unknown compat feature check in superblock write validation (git-fixes).
* xfs: return from xfs_symlink_verify early on V4 filesystems (git-fixes).
* xfs: sb_spino_align is not verified (git-fixes).
* xhci: Add usb cold attach (CAS) as a reason to resume root hub (git-fixes).
* xhci: Allow RPM on the USB controller (1022:43f7) by default (stable-fixes).
* xhci: fix possible null pointer deref during xhci urb enqueue (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-153=1
* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-153=1
* SUSE Real Time Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-RT-15-SP6-2025-153=1

## Package List:

* openSUSE Leap 15.6 (x86_64) * kernel-rt-vdso-debuginfo-6.4.0-150600.10.23.1 * kernel-rt-debugsource-6.4.0-150600.10.23.1 * kernel-rt_debug-devel-6.4.0-150600.10.23.1 * kernel-rt-debuginfo-6.4.0-150600.10.23.1 * kernel-rt_debug-debugsource-6.4.0-150600.10.23.1 * reiserfs-kmp-rt-debuginfo-6.4.0-150600.10.23.1 * kernel-rt-livepatch-devel-6.4.0-150600.10.23.1 * cluster-md-kmp-rt-6.4.0-150600.10.23.1 * kernel-rt-devel-6.4.0-150600.10.23.1 * kernel-rt-vdso-6.4.0-150600.10.23.1 * dlm-kmp-rt-6.4.0-150600.10.23.1 * kernel-rt-optional-6.4.0-150600.10.23.1 * kernel-rt-extra-debuginfo-6.4.0-150600.10.23.1 * kselftests-kmp-rt-6.4.0-150600.10.23.1 * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.23.1 *
kernel-rt-optional-debuginfo-6.4.0-150600.10.23.1 * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.23.1 * dlm-kmp-rt-debuginfo-6.4.0-150600.10.23.1 * kselftests-kmp-rt-debuginfo-6.4.0-150600.10.23.1 * ocfs2-kmp-rt-6.4.0-150600.10.23.1 * kernel-rt_debug-vdso-6.4.0-150600.10.23.1 * kernel-rt-extra-6.4.0-150600.10.23.1 * gfs2-kmp-rt-6.4.0-150600.10.23.1 * kernel-rt_debug-debuginfo-6.4.0-150600.10.23.1 * kernel-rt_debug-vdso-debuginfo-6.4.0-150600.10.23.1 * kernel-syms-rt-6.4.0-150600.10.23.1 * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.23.1 * reiserfs-kmp-rt-6.4.0-150600.10.23.1 * kernel-rt-devel-debuginfo-6.4.0-150600.10.23.1 * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.23.1 * openSUSE Leap 15.6 (noarch) * kernel-source-rt-6.4.0-150600.10.23.1 * kernel-devel-rt-6.4.0-150600.10.23.1 * openSUSE Leap 15.6 (nosrc x86_64) * kernel-rt_debug-6.4.0-150600.10.23.1 * kernel-rt-6.4.0-150600.10.23.1 * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-SLE15-SP6-RT_Update_7-debugsource-1-150600.1.3.1 * kernel-livepatch-6_4_0-150600_10_23-rt-1-150600.1.3.1 * kernel-livepatch-6_4_0-150600_10_23-rt-debuginfo-1-150600.1.3.1 * SUSE Real Time Module 15-SP6 (x86_64) * kernel-rt-devel-6.4.0-150600.10.23.1 * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.23.1 * kernel-rt-debugsource-6.4.0-150600.10.23.1 * gfs2-kmp-rt-6.4.0-150600.10.23.1 * kernel-rt_debug-devel-6.4.0-150600.10.23.1 * kernel-rt-debuginfo-6.4.0-150600.10.23.1 * kernel-rt_debug-debugsource-6.4.0-150600.10.23.1 * kernel-rt_debug-debuginfo-6.4.0-150600.10.23.1 * dlm-kmp-rt-6.4.0-150600.10.23.1 * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.23.1 * kernel-syms-rt-6.4.0-150600.10.23.1 * dlm-kmp-rt-debuginfo-6.4.0-150600.10.23.1 * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.23.1 * cluster-md-kmp-rt-6.4.0-150600.10.23.1 * ocfs2-kmp-rt-6.4.0-150600.10.23.1 * kernel-rt-devel-debuginfo-6.4.0-150600.10.23.1 * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.23.1 * SUSE Real Time Module 15-SP6 (noarch) * 
kernel-source-rt-6.4.0-150600.10.23.1 * kernel-devel-rt-6.4.0-150600.10.23.1 * SUSE Real Time Module 15-SP6 (nosrc x86_64) * kernel-rt_debug-6.4.0-150600.10.23.1 * kernel-rt-6.4.0-150600.10.23.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26924.html * https://www.suse.com/security/cve/CVE-2024-27397.html * https://www.suse.com/security/cve/CVE-2024-35839.html * https://www.suse.com/security/cve/CVE-2024-36908.html * https://www.suse.com/security/cve/CVE-2024-39480.html * https://www.suse.com/security/cve/CVE-2024-41042.html * https://www.suse.com/security/cve/CVE-2024-44934.html * https://www.suse.com/security/cve/CVE-2024-44996.html * https://www.suse.com/security/cve/CVE-2024-47678.html * https://www.suse.com/security/cve/CVE-2024-49854.html * https://www.suse.com/security/cve/CVE-2024-49884.html * https://www.suse.com/security/cve/CVE-2024-49915.html * https://www.suse.com/security/cve/CVE-2024-50016.html * https://www.suse.com/security/cve/CVE-2024-50018.html * https://www.suse.com/security/cve/CVE-2024-50039.html * https://www.suse.com/security/cve/CVE-2024-50047.html * https://www.suse.com/security/cve/CVE-2024-50143.html * https://www.suse.com/security/cve/CVE-2024-50154.html * https://www.suse.com/security/cve/CVE-2024-50202.html * https://www.suse.com/security/cve/CVE-2024-50203.html * https://www.suse.com/security/cve/CVE-2024-50211.html * https://www.suse.com/security/cve/CVE-2024-50228.html * https://www.suse.com/security/cve/CVE-2024-50256.html * https://www.suse.com/security/cve/CVE-2024-50262.html * https://www.suse.com/security/cve/CVE-2024-50272.html * https://www.suse.com/security/cve/CVE-2024-50278.html * https://www.suse.com/security/cve/CVE-2024-50280.html * https://www.suse.com/security/cve/CVE-2024-53050.html * https://www.suse.com/security/cve/CVE-2024-53064.html * https://www.suse.com/security/cve/CVE-2024-53090.html * https://www.suse.com/security/cve/CVE-2024-53099.html * 
https://www.suse.com/security/cve/CVE-2024-53103.html * https://www.suse.com/security/cve/CVE-2024-53105.html * https://www.suse.com/security/cve/CVE-2024-53111.html * https://www.suse.com/security/cve/CVE-2024-53113.html * https://www.suse.com/security/cve/CVE-2024-53117.html * https://www.suse.com/security/cve/CVE-2024-53118.html * https://www.suse.com/security/cve/CVE-2024-53119.html * https://www.suse.com/security/cve/CVE-2024-53120.html * https://www.suse.com/security/cve/CVE-2024-53122.html * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-53126.html * https://www.suse.com/security/cve/CVE-2024-53127.html * https://www.suse.com/security/cve/CVE-2024-53129.html * https://www.suse.com/security/cve/CVE-2024-53130.html * https://www.suse.com/security/cve/CVE-2024-53131.html * https://www.suse.com/security/cve/CVE-2024-53133.html * https://www.suse.com/security/cve/CVE-2024-53134.html * https://www.suse.com/security/cve/CVE-2024-53136.html * https://www.suse.com/security/cve/CVE-2024-53141.html * https://www.suse.com/security/cve/CVE-2024-53142.html * https://www.suse.com/security/cve/CVE-2024-53144.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53148.html * https://www.suse.com/security/cve/CVE-2024-53150.html * https://www.suse.com/security/cve/CVE-2024-53151.html * https://www.suse.com/security/cve/CVE-2024-53154.html * https://www.suse.com/security/cve/CVE-2024-53155.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://www.suse.com/security/cve/CVE-2024-53157.html * https://www.suse.com/security/cve/CVE-2024-53158.html * https://www.suse.com/security/cve/CVE-2024-53159.html * https://www.suse.com/security/cve/CVE-2024-53160.html * https://www.suse.com/security/cve/CVE-2024-53161.html * https://www.suse.com/security/cve/CVE-2024-53162.html * https://www.suse.com/security/cve/CVE-2024-53166.html * 
https://www.suse.com/security/cve/CVE-2024-53169.html * https://www.suse.com/security/cve/CVE-2024-53171.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53174.html * https://www.suse.com/security/cve/CVE-2024-53179.html * https://www.suse.com/security/cve/CVE-2024-53180.html * https://www.suse.com/security/cve/CVE-2024-53188.html * https://www.suse.com/security/cve/CVE-2024-53190.html * https://www.suse.com/security/cve/CVE-2024-53191.html * https://www.suse.com/security/cve/CVE-2024-53200.html * https://www.suse.com/security/cve/CVE-2024-53201.html * https://www.suse.com/security/cve/CVE-2024-53202.html * https://www.suse.com/security/cve/CVE-2024-53206.html * https://www.suse.com/security/cve/CVE-2024-53207.html * https://www.suse.com/security/cve/CVE-2024-53208.html * https://www.suse.com/security/cve/CVE-2024-53209.html * https://www.suse.com/security/cve/CVE-2024-53210.html * https://www.suse.com/security/cve/CVE-2024-53213.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-53215.html * https://www.suse.com/security/cve/CVE-2024-53216.html * https://www.suse.com/security/cve/CVE-2024-53217.html * https://www.suse.com/security/cve/CVE-2024-53222.html * https://www.suse.com/security/cve/CVE-2024-53224.html * https://www.suse.com/security/cve/CVE-2024-53229.html * https://www.suse.com/security/cve/CVE-2024-53234.html * https://www.suse.com/security/cve/CVE-2024-53237.html * https://www.suse.com/security/cve/CVE-2024-53240.html * https://www.suse.com/security/cve/CVE-2024-53241.html * https://www.suse.com/security/cve/CVE-2024-56536.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56549.html * https://www.suse.com/security/cve/CVE-2024-56551.html * https://www.suse.com/security/cve/CVE-2024-56562.html * https://www.suse.com/security/cve/CVE-2024-56566.html * 
https://www.suse.com/security/cve/CVE-2024-56567.html * https://www.suse.com/security/cve/CVE-2024-56576.html * https://www.suse.com/security/cve/CVE-2024-56582.html * https://www.suse.com/security/cve/CVE-2024-56599.html * https://www.suse.com/security/cve/CVE-2024-56604.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56645.html * https://www.suse.com/security/cve/CVE-2024-56667.html * https://www.suse.com/security/cve/CVE-2024-56752.html * https://www.suse.com/security/cve/CVE-2024-56754.html * https://www.suse.com/security/cve/CVE-2024-56755.html * https://www.suse.com/security/cve/CVE-2024-56756.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1214954 * https://bugzilla.suse.com/show_bug.cgi?id=1216813 * https://bugzilla.suse.com/show_bug.cgi?id=1220773 * https://bugzilla.suse.com/show_bug.cgi?id=1224095 * https://bugzilla.suse.com/show_bug.cgi?id=1224726 * https://bugzilla.suse.com/show_bug.cgi?id=1225743 * https://bugzilla.suse.com/show_bug.cgi?id=1225820 * https://bugzilla.suse.com/show_bug.cgi?id=1227445 * https://bugzilla.suse.com/show_bug.cgi?id=1228526 * https://bugzilla.suse.com/show_bug.cgi?id=1229809 * https://bugzilla.suse.com/show_bug.cgi?id=1230205 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1231854 * https://bugzilla.suse.com/show_bug.cgi?id=1231909 * https://bugzilla.suse.com/show_bug.cgi?id=1231963 * https://bugzilla.suse.com/show_bug.cgi?id=1232193 * https://bugzilla.suse.com/show_bug.cgi?id=1232198 * https://bugzilla.suse.com/show_bug.cgi?id=1232201 * https://bugzilla.suse.com/show_bug.cgi?id=1232418 * https://bugzilla.suse.com/show_bug.cgi?id=1232419 * https://bugzilla.suse.com/show_bug.cgi?id=1232420 * https://bugzilla.suse.com/show_bug.cgi?id=1232421 * https://bugzilla.suse.com/show_bug.cgi?id=1232436 * https://bugzilla.suse.com/show_bug.cgi?id=1233038 * 
https://bugzilla.suse.com/show_bug.cgi?id=1233070 * https://bugzilla.suse.com/show_bug.cgi?id=1233096 * https://bugzilla.suse.com/show_bug.cgi?id=1233200 * https://bugzilla.suse.com/show_bug.cgi?id=1233204 * https://bugzilla.suse.com/show_bug.cgi?id=1233239 * https://bugzilla.suse.com/show_bug.cgi?id=1233259 * https://bugzilla.suse.com/show_bug.cgi?id=1233260 * https://bugzilla.suse.com/show_bug.cgi?id=1233324 * https://bugzilla.suse.com/show_bug.cgi?id=1233328 * https://bugzilla.suse.com/show_bug.cgi?id=1233461 * https://bugzilla.suse.com/show_bug.cgi?id=1233467 * https://bugzilla.suse.com/show_bug.cgi?id=1233469 * https://bugzilla.suse.com/show_bug.cgi?id=1233546 * https://bugzilla.suse.com/show_bug.cgi?id=1233558 * https://bugzilla.suse.com/show_bug.cgi?id=1233637 * https://bugzilla.suse.com/show_bug.cgi?id=1233642 * https://bugzilla.suse.com/show_bug.cgi?id=1233772 * https://bugzilla.suse.com/show_bug.cgi?id=1233837 * https://bugzilla.suse.com/show_bug.cgi?id=1234024 * https://bugzilla.suse.com/show_bug.cgi?id=1234069 * https://bugzilla.suse.com/show_bug.cgi?id=1234071 * https://bugzilla.suse.com/show_bug.cgi?id=1234073 * https://bugzilla.suse.com/show_bug.cgi?id=1234075 * https://bugzilla.suse.com/show_bug.cgi?id=1234076 * https://bugzilla.suse.com/show_bug.cgi?id=1234077 * https://bugzilla.suse.com/show_bug.cgi?id=1234079 * https://bugzilla.suse.com/show_bug.cgi?id=1234086 * https://bugzilla.suse.com/show_bug.cgi?id=1234139 * https://bugzilla.suse.com/show_bug.cgi?id=1234140 * https://bugzilla.suse.com/show_bug.cgi?id=1234141 * https://bugzilla.suse.com/show_bug.cgi?id=1234142 * https://bugzilla.suse.com/show_bug.cgi?id=1234143 * https://bugzilla.suse.com/show_bug.cgi?id=1234144 * https://bugzilla.suse.com/show_bug.cgi?id=1234145 * https://bugzilla.suse.com/show_bug.cgi?id=1234146 * https://bugzilla.suse.com/show_bug.cgi?id=1234147 * https://bugzilla.suse.com/show_bug.cgi?id=1234148 * https://bugzilla.suse.com/show_bug.cgi?id=1234149 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234150 * https://bugzilla.suse.com/show_bug.cgi?id=1234153 * https://bugzilla.suse.com/show_bug.cgi?id=1234155 * https://bugzilla.suse.com/show_bug.cgi?id=1234156 * https://bugzilla.suse.com/show_bug.cgi?id=1234158 * https://bugzilla.suse.com/show_bug.cgi?id=1234159 * https://bugzilla.suse.com/show_bug.cgi?id=1234160 * https://bugzilla.suse.com/show_bug.cgi?id=1234161 * https://bugzilla.suse.com/show_bug.cgi?id=1234162 * https://bugzilla.suse.com/show_bug.cgi?id=1234163 * https://bugzilla.suse.com/show_bug.cgi?id=1234164 * https://bugzilla.suse.com/show_bug.cgi?id=1234165 * https://bugzilla.suse.com/show_bug.cgi?id=1234166 * https://bugzilla.suse.com/show_bug.cgi?id=1234167 * https://bugzilla.suse.com/show_bug.cgi?id=1234168 * https://bugzilla.suse.com/show_bug.cgi?id=1234169 * https://bugzilla.suse.com/show_bug.cgi?id=1234170 * https://bugzilla.suse.com/show_bug.cgi?id=1234171 * https://bugzilla.suse.com/show_bug.cgi?id=1234172 * https://bugzilla.suse.com/show_bug.cgi?id=1234173 * https://bugzilla.suse.com/show_bug.cgi?id=1234174 * https://bugzilla.suse.com/show_bug.cgi?id=1234175 * https://bugzilla.suse.com/show_bug.cgi?id=1234176 * https://bugzilla.suse.com/show_bug.cgi?id=1234177 * https://bugzilla.suse.com/show_bug.cgi?id=1234178 * https://bugzilla.suse.com/show_bug.cgi?id=1234179 * https://bugzilla.suse.com/show_bug.cgi?id=1234180 * https://bugzilla.suse.com/show_bug.cgi?id=1234181 * https://bugzilla.suse.com/show_bug.cgi?id=1234182 * https://bugzilla.suse.com/show_bug.cgi?id=1234183 * https://bugzilla.suse.com/show_bug.cgi?id=1234184 * https://bugzilla.suse.com/show_bug.cgi?id=1234185 * https://bugzilla.suse.com/show_bug.cgi?id=1234186 * https://bugzilla.suse.com/show_bug.cgi?id=1234187 * https://bugzilla.suse.com/show_bug.cgi?id=1234188 * https://bugzilla.suse.com/show_bug.cgi?id=1234189 * https://bugzilla.suse.com/show_bug.cgi?id=1234190 * https://bugzilla.suse.com/show_bug.cgi?id=1234191 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234192 * https://bugzilla.suse.com/show_bug.cgi?id=1234193 * https://bugzilla.suse.com/show_bug.cgi?id=1234194 * https://bugzilla.suse.com/show_bug.cgi?id=1234195 * https://bugzilla.suse.com/show_bug.cgi?id=1234196 * https://bugzilla.suse.com/show_bug.cgi?id=1234197 * https://bugzilla.suse.com/show_bug.cgi?id=1234198 * https://bugzilla.suse.com/show_bug.cgi?id=1234199 * https://bugzilla.suse.com/show_bug.cgi?id=1234200 * https://bugzilla.suse.com/show_bug.cgi?id=1234201 * https://bugzilla.suse.com/show_bug.cgi?id=1234203 * https://bugzilla.suse.com/show_bug.cgi?id=1234204 * https://bugzilla.suse.com/show_bug.cgi?id=1234205 * https://bugzilla.suse.com/show_bug.cgi?id=1234207 * https://bugzilla.suse.com/show_bug.cgi?id=1234208 * https://bugzilla.suse.com/show_bug.cgi?id=1234209 * https://bugzilla.suse.com/show_bug.cgi?id=1234219 * https://bugzilla.suse.com/show_bug.cgi?id=1234220 * https://bugzilla.suse.com/show_bug.cgi?id=1234221 * https://bugzilla.suse.com/show_bug.cgi?id=1234237 * https://bugzilla.suse.com/show_bug.cgi?id=1234238 * https://bugzilla.suse.com/show_bug.cgi?id=1234239 * https://bugzilla.suse.com/show_bug.cgi?id=1234240 * https://bugzilla.suse.com/show_bug.cgi?id=1234241 * https://bugzilla.suse.com/show_bug.cgi?id=1234242 * https://bugzilla.suse.com/show_bug.cgi?id=1234243 * https://bugzilla.suse.com/show_bug.cgi?id=1234278 * https://bugzilla.suse.com/show_bug.cgi?id=1234279 * https://bugzilla.suse.com/show_bug.cgi?id=1234280 * https://bugzilla.suse.com/show_bug.cgi?id=1234281 * https://bugzilla.suse.com/show_bug.cgi?id=1234282 * https://bugzilla.suse.com/show_bug.cgi?id=1234294 * https://bugzilla.suse.com/show_bug.cgi?id=1234338 * https://bugzilla.suse.com/show_bug.cgi?id=1234357 * https://bugzilla.suse.com/show_bug.cgi?id=1234381 * https://bugzilla.suse.com/show_bug.cgi?id=1234454 * https://bugzilla.suse.com/show_bug.cgi?id=1234464 * https://bugzilla.suse.com/show_bug.cgi?id=1234605 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234651 * https://bugzilla.suse.com/show_bug.cgi?id=1234652 * https://bugzilla.suse.com/show_bug.cgi?id=1234654 * https://bugzilla.suse.com/show_bug.cgi?id=1234655 * https://bugzilla.suse.com/show_bug.cgi?id=1234657 * https://bugzilla.suse.com/show_bug.cgi?id=1234658 * https://bugzilla.suse.com/show_bug.cgi?id=1234659 * https://bugzilla.suse.com/show_bug.cgi?id=1234668 * https://bugzilla.suse.com/show_bug.cgi?id=1234690 * https://bugzilla.suse.com/show_bug.cgi?id=1234725 * https://bugzilla.suse.com/show_bug.cgi?id=1234726 * https://bugzilla.suse.com/show_bug.cgi?id=1234810 * https://bugzilla.suse.com/show_bug.cgi?id=1234811 * https://bugzilla.suse.com/show_bug.cgi?id=1234826 * https://bugzilla.suse.com/show_bug.cgi?id=1234827 * https://bugzilla.suse.com/show_bug.cgi?id=1234829 * https://bugzilla.suse.com/show_bug.cgi?id=1234832 * https://bugzilla.suse.com/show_bug.cgi?id=1234834 * https://bugzilla.suse.com/show_bug.cgi?id=1234843 * https://bugzilla.suse.com/show_bug.cgi?id=1234846 * https://bugzilla.suse.com/show_bug.cgi?id=1234848 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234855 * https://bugzilla.suse.com/show_bug.cgi?id=1234856 * https://bugzilla.suse.com/show_bug.cgi?id=1234884 * https://bugzilla.suse.com/show_bug.cgi?id=1234889 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234899 * https://bugzilla.suse.com/show_bug.cgi?id=1234900 * https://bugzilla.suse.com/show_bug.cgi?id=1234905 * https://bugzilla.suse.com/show_bug.cgi?id=1234907 * https://bugzilla.suse.com/show_bug.cgi?id=1234909 * https://bugzilla.suse.com/show_bug.cgi?id=1234911 * https://bugzilla.suse.com/show_bug.cgi?id=1234912 * https://bugzilla.suse.com/show_bug.cgi?id=1234916 * https://bugzilla.suse.com/show_bug.cgi?id=1234918 * https://bugzilla.suse.com/show_bug.cgi?id=1234920 * https://bugzilla.suse.com/show_bug.cgi?id=1234921 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234922 * https://bugzilla.suse.com/show_bug.cgi?id=1234929 * https://bugzilla.suse.com/show_bug.cgi?id=1234930 * https://bugzilla.suse.com/show_bug.cgi?id=1234937 * https://bugzilla.suse.com/show_bug.cgi?id=1234948 * https://bugzilla.suse.com/show_bug.cgi?id=1234950 * https://bugzilla.suse.com/show_bug.cgi?id=1234952 * https://bugzilla.suse.com/show_bug.cgi?id=1234960 * https://bugzilla.suse.com/show_bug.cgi?id=1234962 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1234968 * https://bugzilla.suse.com/show_bug.cgi?id=1234969 * https://bugzilla.suse.com/show_bug.cgi?id=1234970 * https://bugzilla.suse.com/show_bug.cgi?id=1234971 * https://bugzilla.suse.com/show_bug.cgi?id=1234973 * https://bugzilla.suse.com/show_bug.cgi?id=1234974 * https://bugzilla.suse.com/show_bug.cgi?id=1234989 * https://bugzilla.suse.com/show_bug.cgi?id=1234999 * https://bugzilla.suse.com/show_bug.cgi?id=1235002 * https://bugzilla.suse.com/show_bug.cgi?id=1235003 * https://bugzilla.suse.com/show_bug.cgi?id=1235004 * https://bugzilla.suse.com/show_bug.cgi?id=1235007 * https://bugzilla.suse.com/show_bug.cgi?id=1235009 * https://bugzilla.suse.com/show_bug.cgi?id=1235016 * https://bugzilla.suse.com/show_bug.cgi?id=1235019 * https://bugzilla.suse.com/show_bug.cgi?id=1235033 * https://bugzilla.suse.com/show_bug.cgi?id=1235045 * https://bugzilla.suse.com/show_bug.cgi?id=1235056 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235075 * https://bugzilla.suse.com/show_bug.cgi?id=1235108 * https://bugzilla.suse.com/show_bug.cgi?id=1235128 * https://bugzilla.suse.com/show_bug.cgi?id=1235134 * https://bugzilla.suse.com/show_bug.cgi?id=1235138 * https://bugzilla.suse.com/show_bug.cgi?id=1235246 * https://bugzilla.suse.com/show_bug.cgi?id=1235406 * https://bugzilla.suse.com/show_bug.cgi?id=1235409 * https://bugzilla.suse.com/show_bug.cgi?id=1235416 * 
https://bugzilla.suse.com/show_bug.cgi?id=1235507 * https://bugzilla.suse.com/show_bug.cgi?id=1235550 * https://jira.suse.com/browse/PED-10467

From null at suse.de Fri Jan 17 12:35:12 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 17 Jan 2025 12:35:12 -0000
Subject: SUSE-SU-2025:0154-1: important: Security update for the Linux Kernel
Message-ID: <173711731257.29714.2499194304428890227@smelt2.prg2.suse.org>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0154-1
Release Date: 2025-01-17T09:15:31Z
Rating: important
References: * bsc#1214954 * bsc#1216813 * bsc#1220773 * bsc#1224095 * bsc#1224726 * bsc#1225743 * bsc#1225758 * bsc#1225820 * bsc#1227445 * bsc#1228526 * bsc#1229809 * bsc#1230205 * bsc#1230413 * bsc#1230697 * bsc#1231854 * bsc#1231909 * bsc#1231963 * bsc#1232193 * bsc#1232198 * bsc#1232201 * bsc#1232418 * bsc#1232419 * bsc#1232420 * bsc#1232421 * bsc#1232436 * bsc#1233038 * bsc#1233070 * bsc#1233096 * bsc#1233200 * bsc#1233204 * bsc#1233239 * bsc#1233259 * bsc#1233260 * bsc#1233324 * bsc#1233328 * bsc#1233461 * bsc#1233467 * bsc#1233468 * bsc#1233469 * bsc#1233546 * bsc#1233558 * bsc#1233637 * bsc#1233642 * bsc#1233772 * bsc#1233837 * bsc#1234024 * bsc#1234069 * bsc#1234071 * bsc#1234073 * bsc#1234075 * bsc#1234076 * bsc#1234077 * bsc#1234079 * bsc#1234086 * bsc#1234139 * bsc#1234140 * bsc#1234141 * bsc#1234142 * bsc#1234143 * bsc#1234144 * bsc#1234145 * bsc#1234146 * bsc#1234147 * bsc#1234148 * bsc#1234149 * bsc#1234150 * bsc#1234153 * bsc#1234155 * bsc#1234156 * bsc#1234158 * bsc#1234159 * bsc#1234160 * bsc#1234161 * bsc#1234162 * bsc#1234163 * bsc#1234164 * bsc#1234165 * bsc#1234166 * bsc#1234167 * bsc#1234168 * bsc#1234169 * bsc#1234170 * bsc#1234171 * bsc#1234172 * bsc#1234173 * bsc#1234174 * bsc#1234175 * bsc#1234176 * bsc#1234177 * bsc#1234178 * bsc#1234179 * bsc#1234180 * bsc#1234181 * bsc#1234182 * bsc#1234183 * bsc#1234184 *
bsc#1234185 * bsc#1234186 * bsc#1234187 * bsc#1234188 * bsc#1234189 * bsc#1234190 * bsc#1234191 * bsc#1234192 * bsc#1234193 * bsc#1234194 * bsc#1234195 * bsc#1234196 * bsc#1234197 * bsc#1234198 * bsc#1234199 * bsc#1234200 * bsc#1234201 * bsc#1234203 * bsc#1234204 * bsc#1234205 * bsc#1234207 * bsc#1234208 * bsc#1234209 * bsc#1234219 * bsc#1234220 * bsc#1234221 * bsc#1234237 * bsc#1234238 * bsc#1234239 * bsc#1234240 * bsc#1234241 * bsc#1234242 * bsc#1234243 * bsc#1234278 * bsc#1234279 * bsc#1234280 * bsc#1234281 * bsc#1234282 * bsc#1234294 * bsc#1234338 * bsc#1234357 * bsc#1234381 * bsc#1234454 * bsc#1234464 * bsc#1234605 * bsc#1234651 * bsc#1234652 * bsc#1234654 * bsc#1234655 * bsc#1234657 * bsc#1234658 * bsc#1234659 * bsc#1234668 * bsc#1234690 * bsc#1234725 * bsc#1234726 * bsc#1234810 * bsc#1234811 * bsc#1234826 * bsc#1234827 * bsc#1234829 * bsc#1234832 * bsc#1234834 * bsc#1234843 * bsc#1234846 * bsc#1234848 * bsc#1234853 * bsc#1234855 * bsc#1234856 * bsc#1234884 * bsc#1234889 * bsc#1234891 * bsc#1234899 * bsc#1234900 * bsc#1234905 * bsc#1234907 * bsc#1234909 * bsc#1234911 * bsc#1234912 * bsc#1234916 * bsc#1234918 * bsc#1234920 * bsc#1234921 * bsc#1234922 * bsc#1234929 * bsc#1234930 * bsc#1234937 * bsc#1234948 * bsc#1234950 * bsc#1234952 * bsc#1234960 * bsc#1234962 * bsc#1234963 * bsc#1234968 * bsc#1234969 * bsc#1234970 * bsc#1234971 * bsc#1234973 * bsc#1234974 * bsc#1234989 * bsc#1234999 * bsc#1235002 * bsc#1235003 * bsc#1235004 * bsc#1235007 * bsc#1235009 * bsc#1235016 * bsc#1235019 * bsc#1235033 * bsc#1235045 * bsc#1235056 * bsc#1235061 * bsc#1235075 * bsc#1235108 * bsc#1235128 * bsc#1235134 * bsc#1235138 * bsc#1235246 * bsc#1235406 * bsc#1235409 * bsc#1235416 * bsc#1235507 * bsc#1235550 * jsc#PED-10467 Cross-References: * CVE-2024-26924 * CVE-2024-27397 * CVE-2024-35839 * CVE-2024-36908 * CVE-2024-36915 * CVE-2024-39480 * CVE-2024-41042 * CVE-2024-44934 * CVE-2024-44996 * CVE-2024-47678 * CVE-2024-49854 * CVE-2024-49884 * CVE-2024-49915 * CVE-2024-50016 * 
CVE-2024-50018 * CVE-2024-50039 * CVE-2024-50047 * CVE-2024-50143 * CVE-2024-50154 * CVE-2024-50202 * CVE-2024-50203 * CVE-2024-50211 * CVE-2024-50228 * CVE-2024-50256 * CVE-2024-50262 * CVE-2024-50272 * CVE-2024-50278 * CVE-2024-50279 * CVE-2024-50280 * CVE-2024-53050 * CVE-2024-53064 * CVE-2024-53090 * CVE-2024-53095 * CVE-2024-53099 * CVE-2024-53103 * CVE-2024-53105 * CVE-2024-53111 * CVE-2024-53113 * CVE-2024-53117 * CVE-2024-53118 * CVE-2024-53119 * CVE-2024-53120 * CVE-2024-53122 * CVE-2024-53125 * CVE-2024-53126 * CVE-2024-53127 * CVE-2024-53129 * CVE-2024-53130 * CVE-2024-53131 * CVE-2024-53133 * CVE-2024-53134 * CVE-2024-53136 * CVE-2024-53141 * CVE-2024-53142 * CVE-2024-53144 * CVE-2024-53146 * CVE-2024-53148 * CVE-2024-53150 * CVE-2024-53151 * CVE-2024-53154 * CVE-2024-53155 * CVE-2024-53156 * CVE-2024-53157 * CVE-2024-53158 * CVE-2024-53159 * CVE-2024-53160 * CVE-2024-53161 * CVE-2024-53162 * CVE-2024-53166 * CVE-2024-53169 * CVE-2024-53171 * CVE-2024-53173 * CVE-2024-53174 * CVE-2024-53179 * CVE-2024-53180 * CVE-2024-53188 * CVE-2024-53190 * CVE-2024-53191 * CVE-2024-53200 * CVE-2024-53201 * CVE-2024-53202 * CVE-2024-53206 * CVE-2024-53207 * CVE-2024-53208 * CVE-2024-53209 * CVE-2024-53210 * CVE-2024-53213 * CVE-2024-53214 * CVE-2024-53215 * CVE-2024-53216 * CVE-2024-53217 * CVE-2024-53222 * CVE-2024-53224 * CVE-2024-53229 * CVE-2024-53234 * CVE-2024-53237 * CVE-2024-53240 * CVE-2024-53241 * CVE-2024-56536 * CVE-2024-56539 * CVE-2024-56549 * CVE-2024-56551 * CVE-2024-56562 * CVE-2024-56566 * CVE-2024-56567 * CVE-2024-56576 * CVE-2024-56582 * CVE-2024-56599 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56645 * CVE-2024-56667 * CVE-2024-56752 * CVE-2024-56754 * CVE-2024-56755 * CVE-2024-56756 * CVE-2024-8805 CVSS scores: * CVE-2024-26924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26924 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27397 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-35839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36908 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-36915 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-39480 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L * CVE-2024-39480 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44996 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44996 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47678 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47678 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-49854 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49854 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49854 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49915 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49915 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50018 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50018 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50039 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50039 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50047 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50143 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50143 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50143 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50203 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50203 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50203 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50211 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50211 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50228 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-50228 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-50228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50256 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * 
CVE-2024-50256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50256 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50262 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50262 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50272 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50278 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2024-50278 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50279 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50279 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53050 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53095 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53099 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53099 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-53099 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 
* CVE-2024-53103 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53105 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53111 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53111 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53111 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53113 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53117 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53118 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53119 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53122 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53125 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53127 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53129 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53129 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53131 
( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53133 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53133 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53134 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53134 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53136 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53141 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53141 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53141 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53142 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53148 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53148 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53150 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53150 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53151 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53154 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * 
CVE-2024-53154 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53154 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53155 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53155 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53155 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53157 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53157 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-53159 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53159 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-53160 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53160 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53161 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * 
CVE-2024-53169 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53169 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53171 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53171 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53171 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53174 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53174 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53179 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53179 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53180 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53180 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53188 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53190 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-53190 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2024-53191 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53191 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53200 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53200 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53200 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53201 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53201 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53202 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53202 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-53202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53206 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53206 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53207 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53207 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53208 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53208 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53208 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53209 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53209 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53210 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53213 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53213 ( SUSE ): 6.1 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53213 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53215 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53216 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53216 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53217 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53222 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53222 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53222 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53224 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53224 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53229 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53229 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53234 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53234 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53237 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53237 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53237 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53241 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53241 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56536 ( 
SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56536 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56536 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56549 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56549 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56549 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56551 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56551 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56551 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56562 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56562 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56566 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56566 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2024-56567 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56567 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56567 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56576 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56582 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56582 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56582 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56599 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * 
CVE-2024-56599 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56599 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56645 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56645 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56667 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56667 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56752 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56752 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56754 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56754 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-56754 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56755 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56755 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56755 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56756 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56756 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-56756 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP6
* Development Tools Module 15-SP6
* Legacy Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Availability Extension 15 SP6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP6

An update that solves 117 vulnerabilities, contains one feature and has 102 security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
* CVE-2024-27397: netfilter: nf_tables: use timestamp to check for set element timeout (bsc#1224095).
* CVE-2024-35839: kABI fix for netfilter: bridge: replace physindev with physinif in nf_bridge_info (bsc#1224726).
* CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
* CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
* CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809).
* CVE-2024-44996: vsock: fix recursive ->recvmsg calls (bsc#1230205).
* CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854).
* CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419).
* CVE-2024-50039: kABI: Restore deleted EXPORT_SYMBOL(__qdisc_calculate_pkt_len) (bsc#1231909).
* CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324).
* CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200).
* CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239).
* CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized delayed_work on cache_ctr error (bsc#1233467 bsc#1233469).
* CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).
* CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
* CVE-2024-53050: drm/i915/hdcp: Add encoder check in hdcp2_get_capability (bsc#1233546).
* CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464).
* CVE-2024-53090: afs: Fix lock recursion (bsc#1233637).
* CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642).
* CVE-2024-53099: bpf: Check validity of link->type in bpf_link_show_fdinfo() (bsc#1233772).
* CVE-2024-53105: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() (bsc#1234069).
* CVE-2024-53111: mm/mremap: fix address wraparound in move_page_tables() (bsc#1234086).
* CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077).
* CVE-2024-53117: virtio/vsock: Improve MSG_ZEROCOPY error handling (bsc#1234079).
* CVE-2024-53118: vsock: Fix sk_error_queue memory leak (bsc#1234071).
* CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073).
* CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076).
* CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
* CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219).
* CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220).
* CVE-2024-53133: drm/amd/display: Handle dml allocation failure to avoid crash (bsc#1234221)
* CVE-2024-53134: pmdomain: imx93-blk-ctrl: correct remove path (bsc#1234159).
* CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
* CVE-2024-53160: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu (bsc#1234810).
* CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856).
* CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
* CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
* CVE-2024-53216: nfsd: fix UAF when access ex_uuid or ex_stats (bsc#1235003).
* CVE-2024-53222: zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974).
* CVE-2024-53234: erofs: handle NONHEAD !delta[1] lclusters gracefully (bsc#1235045).
* CVE-2024-53240: xen/netfront: fix crash when removing device (XSA-465 bsc#1234281).
* CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282).
* CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912).
* CVE-2024-56566: mm/slub: Avoid list corruption when removing a slab from the full list (bsc#1235033).
* CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235128).
* CVE-2024-56599: wifi: ath10k: avoid NULL pointer error during sdio remove (bsc#1235138).
* CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
* CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920).

The following non-security bugs were fixed:

* 9p: v9fs_fid_find: also lookup by inode if not found dentry (git-fixes).
* ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294)
* ACPI: PRM: Add PRM handler direct call support (jsc#PED-10467).
* ACPI: resource: Fix memory resource type union access (git-fixes).
* ACPI: x86: Add skip i2c clients quirk for Acer Iconia One 8 A1-840 (stable-fixes).
* ACPI: x86: Clean up Asus entries in acpi_quirk_skip_dmi_ids[] (stable-fixes).
* ACPI: x86: Make UART skip quirks work on PCI UARTs without an UID (stable-fixes).
* ACPICA: events/evxfregn: do not release the ContextMutex that was never acquired (git-fixes).
* ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes).
* ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
* ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
* ALSA: hda/realtek: Fix headset mic on Acer Nitro 5 (stable-fixes).
* ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
* ALSA: line6: Fix racy access to midibuf (stable-fixes).
* ALSA: seq: Check UMP support for midi_version change (git-fixes).
* ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes).
* ALSA: seq: ump: Fix seq port updates per FB info notify (git-fixes).
* ALSA: seq: ump: Use automatic cleanup of kfree() (stable-fixes).
* ALSA: seq: ump: Use guard() for locking (stable-fixes).
* ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5 (stable-fixes).
* ALSA: usb-audio: Notify xrun for low-latency mode (git-fixes).
* ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
* ALSA: usb-audio: US16x08: Initialize array before use (git-fixes).
* ASoC: Intel: sof_sdw: add quirk for Dell SKU 0B8C (stable-fixes).
* ASoC: Intel: sof_sdw: fix jack detection on ADL-N variant RVP (stable-fixes).
* ASoC: SOF: Remove libraries from topology lookups (git-fixes).
* ASoC: amd: yc: Add a quirk for microfone on Lenovo ThinkPad P14s Gen 5 21MES00B00 (stable-fixes).
* ASoC: amd: yc: Add quirk for microphone on Lenovo Thinkpad T14s Gen 6 21M1CTO1WW (stable-fixes).
* ASoC: amd: yc: Fix the wrong return value (git-fixes).
* ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
* ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
* ASoC: amd: yc: fix internal mic on Redmi G 2022 (stable-fixes).
* ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
* ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
* ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
* ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
* ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
* ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
* ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
* ASoC: hdmi-codec: reorder channel allocation list (stable-fixes).
* ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
* ASoC: nau8822: Lower debug print priority (stable-fixes).
* Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}() (stable-fixes).
* Bluetooth: ISO: Reassociate a socket with an active BIS (stable-fixes).
* Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (stable-fixes).
* Bluetooth: MGMT: Fix possible deadlocks (git-fixes).
* Bluetooth: SCO: Add support for 16 bits transparent voice setting (git-fixes).
* Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device tables (stable-fixes).
* Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (stable-fixes).
* Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating (git-fixes).
* Bluetooth: iso: Fix recursive locking warning (git-fixes).
* Documentation: PM: Clarify pm_runtime_resume_and_get() return value (git-fixes).
* Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes).
* HID: magicmouse: Apple Magic Trackpad 2 USB-C driver support (stable-fixes).
* NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes).
* NFSD: Async COPY result needs to return a write verifier (git-fixes).
* NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir() (git-fixes).
* NFSD: Fix nfsd4_shutdown_copy() (git-fixes).
* NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes).
* NFSD: Prevent a potential integer overflow (git-fixes).
* NFSD: Remove a never-true comparison (git-fixes).
* NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point (git-fixes).
* NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes).
* Octeontx2-pf: Free send queue buffers incase of leaf to inner (git-fixes).
* PCI/AER: Disable AER service on suspend (stable-fixes).
* PCI/MSI: Handle lack of irqdomain gracefully (git-fixes).
* PCI: Add 'reset_subordinate' to reset hierarchy below bridge (stable-fixes).
* PCI: Add ACS quirk for Broadcom BCM5760X NIC (stable-fixes).
* PCI: Add ACS quirk for Wangxun FF5xxx NICs (stable-fixes).
* PCI: Add T_PERST_CLK_US macro (git-fixes).
* PCI: Detect and trust built-in Thunderbolt chips (stable-fixes).
* PCI: Fix use-after-free of slot->bus on hot remove (stable-fixes).
* PCI: Use preserve_config in place of pci_flags (stable-fixes).
* PCI: cadence: Extract link setup sequence from cdns_pcie_host_setup() (stable-fixes).
* PCI: cadence: Set cdns_pcie_host_init() global (stable-fixes).
* PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads (stable-fixes).
* PCI: j721e: Add PCIe 4x lane selection support (stable-fixes).
* PCI: j721e: Add per platform maximum lane settings (stable-fixes).
* PCI: j721e: Add reset GPIO to struct j721e_pcie (stable-fixes).
* PCI: j721e: Add suspend and resume support (git-fixes).
* PCI: j721e: Use T_PERST_CLK_US macro (git-fixes).
* PCI: qcom: Add support for IPQ9574 (stable-fixes).
* PCI: vmd: Add DID 8086:B06F and 8086:B60B for Intel client SKUs (stable-fixes).
* PCI: vmd: Set devices to D0 before enabling PM L1 Substates (stable-fixes).
* RAS/AMD/ATL: Translate normalized to system physical addresses using PRM (jsc#PED-10467).
* RDMA/bnxt_re: Add check for path mtu in modify_qp (git-fixes)
* RDMA/bnxt_re: Avoid initializing the software queue for user queues (git-fixes)
* RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (git-fixes)
* RDMA/bnxt_re: Disable use of reserved wqes (git-fixes)
* RDMA/bnxt_re: Fix max_qp_wrs reported (git-fixes)
* RDMA/bnxt_re: Fix reporting hw_ver in query_device (git-fixes)
* RDMA/bnxt_re: Fix the check for 9060 condition (git-fixes)
* RDMA/bnxt_re: Fix the locking while accessing the QP table (git-fixes)
* RDMA/bnxt_re: Remove always true dattr validity check (git-fixes)
* RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
* RDMA/hns: Fix accessing invalid dip_ctx during destroying QP (git-fixes)
* RDMA/hns: Fix mapping error of zero-hop WQE buffer (git-fixes)
* RDMA/hns: Fix missing flush CQE for DWQE (git-fixes)
* RDMA/hns: Fix warning storm caused by invalid input in IO path (git-fixes)
* RDMA/mlx5: Enforce same type port association for multiport RoCE (git-fixes)
* RDMA/rtrs: Ensure 'ib_sge list' is accessible (git-fixes)
* RDMA/uverbs: Prevent integer overflow issue (git-fixes)
* Revert "block/mq-deadline: use correct way to throttling write requests" (bsc#1234146).
* Revert "btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)"
* Revert "igb: Disable threaded IRQ for igb_msix_other" (git-fixes).
* Revert "mm, kmsan: fix infinite recursion due to RCU critical section" (bsc#1230413)
* Revert "mm/sparsemem: fix race in accessing memory_section->usage" (bsc#1230413)
* Revert "mm: prevent derefencing NULL ptr in pfn_section_valid()" (bsc#1230413)
* Revert "unicode: Do not special case ignorable code points" (stable-fixes).
* SUNRPC: make sure cache entry active before cache_show (git-fixes).
* SUNRPC: timeout and cancel TLS handshake with -ETIMEDOUT (git-fixes).
* USB: serial: option: add MediaTek T7XX compositions (stable-fixes).
* USB: serial: option: add MeiG Smart SLM770A (stable-fixes).
* USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (stable-fixes).
* USB: serial: option: add TCL IK512 MBIM & ECM (stable-fixes).
* USB: serial: option: add Telit FE910C04 rmnet compositions (stable-fixes).
* accel/habanalabs/gaudi2: unsecure tpc count registers (stable-fixes).
* accel/habanalabs: export dma-buf only if size/offset multiples of PAGE_SIZE (stable-fixes).
* accel/habanalabs: fix debugfs files permissions (stable-fixes).
* accel/habanalabs: increase HL_MAX_STR to 64 bytes to avoid warnings (stable-fixes).
* acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (git-fixes).
* af_unix: Call manage_oob() for every skb in unix_stream_read_generic() (bsc#1234725).
* afs: Automatically generate trace tag enums (git-fixes).
* afs: Fix missing subdir edit when renamed between parent dirs (git-fixes).
* amdgpu/uvd: get ring reference from rq scheduler (git-fixes).
* arch: Introduce arch_{,try_}_cmpxchg128{,_local}() (bsc#1220773).
* arch: Remove cmpxchg_double (bsc#1220773).
* arch: consolidate arch_irq_work_raise prototypes (git-fixes).
* arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605)
* arm64: Force position-independent veneers (git-fixes).
* arm64: dts: imx8mp: correct sdhc ipg clk (git-fixes).
* autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes).
* batman-adv: Do not let TT changes list grows indefinitely (git-fixes).
* batman-adv: Do not send uninitialized TT changes (git-fixes).
* batman-adv: Remove uninitialized data in full table TT response (git-fixes).
* blk-cgroup: Fix UAF in blkcg_unpin_online() (bsc#1234726).
* blk-core: use pr_warn_ratelimited() in bio_check_ro() (bsc#1234139).
* blk-iocost: Fix an UBSAN shift-out-of-bounds warning (bsc#1234144).
* blk-iocost: do not WARN if iocg was already offlined (bsc#1234147).
* blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock required!" (bsc#1234140).
* block, bfq: choose the last bfqq from merge chain in bfq_setup_cooperator() (bsc#1234149).
* block, bfq: do not break merge chain in bfq_split_bfqq() (bsc#1234150).
* block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234160).
* block, bfq: fix procress reference leakage for bfqq in merge chain (bsc#1234280).
* block, bfq: fix uaf for accessing waker_bfqq after splitting (bsc#1234279).
* block/mq-deadline: Fix the tag reservation code (bsc#1234148).
* block: Call .limit_depth() after .hctx has been set (bsc#1234148).
* block: Fix where bio IO priority gets set (bsc#1234145).
* block: prevent an integer overflow in bvec_try_merge_hw_page (bsc#1234142).
* block: update the stable_writes flag in bdev_add (bsc#1234141).
* bnxt_en: Fix receive ring space parameters when XDP is active (git-fixes).
* bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (git-fixes).
* bnxt_en: Set backplane link modes correctly for ethtool (git-fixes).
* bpf, x86: Fix PROBE_MEM runtime load check (git-fixes).
* bpf: verifier: prevent userspace memory access (git-fixes).
* btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)
* can: gs_usb: add VID/PID for Xylanta SAINT3 product family (stable-fixes).
* can: j1939: fix error in J1939 documentation (stable-fixes).
* checkpatch: always parse orig_commit in fixes tag (git-fixes).
* checkpatch: check for missing Fixes tags (stable-fixes).
* clocksource/drivers/timer-ti-dm: Fix child node refcount handling (git-fixes).
* clocksource/drivers:sp804: Make user selectable (git-fixes).
* counter: stm32-timer-cnt: Add check for clk_enable() (git-fixes).
* counter: ti-ecap-capture: Add check for clk_enable() (git-fixes).
* crypto: qat - disable IOV in adf_dev_stop() (git-fixes).
* crypto: x86/sha256 - Add parentheses around macros' single arguments (stable-fixes).
* cyrpto/b128ops: Remove struct u128 (bsc#1220773).
* devlink: Fix length of eswitch inline-mode (git-fixes).
* dma-buf: fix dma_fence_array_signaled v4 (stable-fixes).
* dma-debug: fix a possible deadlock on radix_lock (stable-fixes).
* dmaengine: apple-admac: Avoid accessing registers in probe (git-fixes).
* dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (git-fixes).
* dmaengine: dw: Select only supported masters for ACPI devices (git-fixes).
* dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357).
* dmaengine: mv_xor: fix child node refcount handling in early exit (git-fixes).
* dmaengine: tegra: Return correct DMA status when paused (git-fixes).
* driver core: Add FWLINK_FLAG_IGNORE to completely ignore a fwnode link (stable-fixes).
* driver core: fw_devlink: Improve logs for cycle detection (stable-fixes).
* driver core: fw_devlink: Stop trying to optimize cycle detection logic (git-fixes).
* drivers: net: ionic: add missed debugfs cleanup to ionic_probe() error path (git-fixes).
* drm/amd/display: Add HDR workaround for specific eDP (stable-fixes).
* drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw (stable-fixes).
* drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes).
* drm/amd/display: Avoid overflow assignment in link_dp_cts (stable-fixes).
* drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination (stable-fixes).
* drm/amd/display: Revert Avoid overflow assignment (stable-fixes).
* drm/amd/display: Use gpuvm_min_page_size_kbytes for DML2 surfaces (stable-fixes).
* drm/amd/pm: fix the high voltage issue after unload (stable-fixes).
* drm/amd/pm: update current_socclk and current_uclk in gpu_metrics on smu v13.0.7 (stable-fixes).
* drm/amdgpu/gfx10: use rlc safe mode for soft recovery (stable-fixes).
* drm/amdgpu/gfx11: use rlc safe mode for soft recovery (stable-fixes).
* drm/amdgpu/gfx9: properly handle error ints on all pipes (stable-fixes).
* drm/amdgpu/gfx9: use rlc safe mode for soft recovery (stable-fixes).
* drm/amdgpu/hdp5.2: do a posting read when flushing HDP (stable-fixes).
* drm/amdgpu/pm: Remove gpu_od if it's an empty directory (stable-fixes).
* drm/amdgpu/umsch: do not execute umsch test when GPU is in reset/suspend (stable-fixes).
* drm/amdgpu/umsch: reinitialize write pointer in hw init (stable-fixes).
* drm/amdgpu/vcn: reset fw_shared when VCPU buffers corrupted on vcn v4.0.3 (stable-fixes).
* drm/amdgpu: Block MMR_READ IOCTL in reset (stable-fixes).
* drm/amdgpu: Dereference the ATCS ACPI buffer (stable-fixes).
* drm/amdgpu: add raven1 gfxoff quirk (stable-fixes).
* drm/amdgpu: add smu 14.0.1 discovery support (stable-fixes).
* drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts for vega20_ih (stable-fixes).
* drm/amdgpu: differentiate external rev id for gfx 11.5.0 (stable-fixes).
* drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit (stable-fixes).
* drm/amdgpu: do not access invalid sched (git-fixes).
* drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes).
* drm/amdgpu: fix unchecked return value warning for amdgpu_gfx (stable-fixes).
* drm/amdgpu: fix usage slab after free (stable-fixes).
* drm/amdgpu: prevent BO_HANDLES error from being overwritten (git-fixes).
* drm/amdgpu: refine error handling in amdgpu_ttm_tt_pin_userptr (stable-fixes).
* drm/amdgpu: set the right AMDGPU sg segment limitation (stable-fixes).
* drm/amdgpu: skip amdgpu_device_cache_pci_state under sriov (stable-fixes).
* drm/amdkfd: Fix resource leak in criu restore queue (stable-fixes).
* drm/amdkfd: Use device based logging for errors (stable-fixes).
* drm/amdkfd: Use the correct wptr size (stable-fixes).
* drm/amdkfd: pause autosuspend when creating pdd (stable-fixes).
* drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes).
* drm/bridge: it6505: Enable module autoloading (stable-fixes).
* drm/bridge: it6505: Fix inverted reset polarity (git-fixes).
* drm/bridge: it6505: update usleep_range for RC circuit charge time (stable-fixes).
* drm/display: Fix building with GCC 15 (stable-fixes).
* drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes).
* drm/dp_mst: Fix MST sideband message body length check (stable-fixes).
* drm/dp_mst: Fix resetting msg rx state after topology removal (git-fixes).
* drm/dp_mst: Verify request type in the corresponding down message reply (stable-fixes).
* drm/etnaviv: flush shader L1 cache after user commandstream (stable-fixes).
* drm/i915/dg1: Fix power gate sequence (git-fixes).
* drm/i915: Fix NULL pointer dereference in capture_engine (git-fixes).
* drm/i915: Fix memory leak by correcting cache object name in error handler (git-fixes).
* drm/mcde: Enable module autoloading (stable-fixes).
* drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() (stable-fixes).
* drm/nouveau/gsp: Use the sg allocator for level 2 of radix3 (stable-fixes).
* drm/panel: novatek-nt35950: fix return value check in nt35950_probe() (git-fixes).
* drm/panel: simple: Add Microchip AC69T88A LVDS Display panel (stable-fixes).
* drm/printer: Allow NULL data in devcoredump printer (stable-fixes).
* drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() (stable-fixes).
* drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check() (stable-fixes).
* drm/radeon: Fix spurious unplug event on radeon HDMI (git-fixes).
* drm/radeon: add helper rdev_to_drm(rdev) (stable-fixes).
* drm/radeon: change rdev->ddev to rdev_to_drm(rdev) (stable-fixes).
* drm/sched: memset() 'job' in drm_sched_job_init() (stable-fixes).
* drm/vc4: hdmi: Avoid log spam for audio start failure (stable-fixes).
* drm/vc4: hvs: Set AXI panic modes for the HVS (stable-fixes).
* drm: adv7511: Drop dsi single lane support (git-fixes).
* drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes).
* drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model (stable-fixes).
* drm: panel-orientation-quirks: Add quirk for AYA NEO Founder edition (stable-fixes).
* drm: panel-orientation-quirks: Add quirk for AYA NEO GEEK (stable-fixes).
* drm: panel-orientation-quirks: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
* erofs: avoid debugging output for (de)compressed data (git-fixes).
* exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes).
* ext4: add a new helper to check if es must be kept (bsc#1234170).
* ext4: add correct group descriptors and reserved GDT blocks to system zone (bsc#1234164).
* ext4: add missed brelse in update_backups (bsc#1234171).
* ext4: allow for the last group to be marked as trimmed (bsc#1234278).
* ext4: avoid buffer_head leak in ext4_mark_inode_used() (bsc#1234191).
* ext4: avoid excessive credit estimate in ext4_tmpfile() (bsc#1234180).
* ext4: avoid negative min_clusters in find_group_orlov() (bsc#1234193).
* ext4: avoid overlapping preallocations due to overflow (bsc#1234162).
* ext4: avoid potential buffer_head leak in __ext4_new_inode() (bsc#1234192).
* ext4: avoid writing unitialized memory to disk in EA inodes (bsc#1234187).
* ext4: check the extent status again before inserting delalloc block (bsc#1234186).
* ext4: clear EXT4_GROUP_INFO_WAS_TRIMMED_BIT even mount with discard (bsc#1234190).
* ext4: convert to exclusive lock while inserting delalloc extents (bsc#1234178).
* ext4: correct best extent lstart adjustment logic (bsc#1234179).
* ext4: correct grp validation in ext4_mb_good_group (bsc#1234163).
* ext4: correct return value of ext4_convert_meta_bg (bsc#1234172).
* ext4: correct the hole length returned by ext4_map_blocks() (bsc#1234178).
* ext4: correct the start block of counting reserved clusters (bsc#1234169).
* ext4: do not let fstrim block system suspend (https://bugzilla.kernel.org/show_bug.cgi?id=216322 bsc#1234166).
* ext4: do not trim the group with corrupted block bitmap (bsc#1234177).
* ext4: factor out __es_alloc_extent() and __es_free_extent() (bsc#1234170).
* ext4: factor out a common helper to query extent map (bsc#1234186).
* ext4: fix inconsistent between segment fstrim and full fstrim (bsc#1234176).
* ext4: fix incorrect tid assumption in __jbd2_log_wait_for_space() (bsc#1234188).
* ext4: fix incorrect tid assumption in ext4_wait_for_tail_page_commit() (bsc#1234188).
* ext4: fix incorrect tid assumption in jbd2_journal_shrink_checkpoint_list() (bsc#1234188).
* ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} (bsc#1214954).
* ext4: fix potential unnitialized variable (bsc#1234183).
* ext4: fix race between writepages and remount (bsc#1234168).
* ext4: fix rec_len verify error (bsc#1234167).
* ext4: fix slab-use-after-free in ext4_es_insert_extent() (bsc#1234170).
* ext4: fix uninitialized variable in ext4_inlinedir_to_tree (bsc#1234185).
* ext4: forbid commit inconsistent quota data when errors=remount-ro (bsc#1234178).
* ext4: make ext4_es_insert_delayed_block() return void (bsc#1234170).
* ext4: make ext4_es_insert_extent() return void (bsc#1234170).
* ext4: make ext4_es_remove_extent() return void (bsc#1234170).
* ext4: make ext4_zeroout_es() return void (bsc#1234170).
* ext4: make sure allocate pending entry not fail (bsc#1234170).
* ext4: mark buffer new if it is unwritten to avoid stale data exposure (bsc#1234175).
* ext4: move 'ix' sanity check to corrent position (bsc#1234174).
* ext4: move setting of trimmed bit into ext4_try_to_trim_range() (bsc#1234165).
* ext4: nested locking for xattr inode (bsc#1234189).
* ext4: propagate errors from ext4_find_extent() in ext4_insert_range() (bsc#1234194).
* ext4: refactor ext4_da_map_blocks() (bsc#1234178).
* ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks (bsc#1234173).
* ext4: remove the redundant folio_wait_stable() (bsc#1234184).
* ext4: set the type of max_zeroout to unsigned int to avoid overflow (bsc#1234182).
* ext4: set type of ac_groups_linear_remaining to __u32 to avoid overflow (bsc#1234181).
* ext4: use pre-allocated es in __es_insert_extent() (bsc#1234170).
* ext4: use pre-allocated es in __es_remove_extent() (bsc#1234170).
* ext4: using nofail preallocation in ext4_es_insert_delayed_block() (bsc#1234170).
* ext4: using nofail preallocation in ext4_es_insert_extent() (bsc#1234170).
* ext4: using nofail preallocation in ext4_es_remove_extent() (bsc#1234170).
* filemap: Fix bounds checking in filemap_read() (bsc#1234209).
* filemap: add a per-mapping stable writes flag (bsc#1234141).
* firmware: arm_scmi: Reject clear channel request on A2P (stable-fixes).
* fs-writeback: do not requeue a clean inode having skipped pages (bsc#1234200).
* fs/writeback: bail out if there is no more inodes for IO and queued once (bsc#1234207).
* fsnotify: fix sending inotify event with unexpected filename (bsc#1234198).
* genirq/cpuhotplug: Retry with cpu_online_mask when migration fails (git-fixes).
* genirq/cpuhotplug: Skip suspended interrupts when restoring affinity (git-fixes).
* genirq/irqdesc: Honor caller provided affinity in alloc_desc() (git-fixes).
* gpio: grgpio: Add NULL check in grgpio_probe (git-fixes).
* gpio: grgpio: use a helper variable to store the address of ofdev->dev (stable-fixes).
* hfsplus: do not query the device logical block size multiple times (git-fixes).
* hvc/xen: fix console unplug (git-fixes).
* hvc/xen: fix error path in xen_hvc_init() to always register frontend driver (git-fixes).
* hvc/xen: fix event channel handling for secondary consoles (git-fixes).
* hwmon: (nct6775) Add 665-ACE/600M-CL to ASUS WMI monitoring list (stable-fixes).
* hwmon: (pmbus/core) clear faults after setting smbalert mask (git-fixes).
* hwmon: (pmbus_core) Allow to hook PMBUS_SMBALERT_MASK (stable-fixes).
* hwmon: (tmp513) Do not use "proxy" headers (stable-fixes).
* hwmon: (tmp513) Fix Current Register value interpretation (git-fixes).
* hwmon: (tmp513) Fix interpretation of values of Shunt Voltage and Limit Registers (git-fixes).
* hwmon: (tmp513) Fix interpretation of values of Temperature Result and Limit Registers (git-fixes).
* hwmon: (tmp513) Simplify with dev_err_probe() (stable-fixes).
* hwmon: (tmp513) Use SI constants from units.h (stable-fixes).
* i2c: imx: add imx7d compatible string for applying erratum ERR007805 (git-fixes).
* i2c: microchip-core: actually use repeated sends (git-fixes).
* i2c: microchip-core: fix "ghost" detections (git-fixes).
* i2c: pnx: Fix timeout in wait functions (git-fixes).
* i2c: riic: Always round-up when calculating bus period (git-fixes).
* i40e: Fix handling changed priv flags (git-fixes).
* i915/guc: Accumulate active runtime on gt reset (git-fixes).
* i915/guc: Ensure busyness counter increases motonically (git-fixes).
* i915/guc: Reset engine utilization buffer before registration (git-fixes).
* ice: Unbind the workqueue (bsc#1234989)
* ice: change q_index variable type to s16 to store -1 value (git-fixes).
* ice: consistently use q_idx in ice_vc_cfg_qs_msg() (git-fixes).
* ice: fix PHY Clock Recovery availability check (git-fixes).
* idpf: add support for SW triggered interrupts (bsc#1235507).
* idpf: enable WB_ON_ITR (bsc#1235507).
* idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507).
* igb: Fix potential invalid memory access in igb_init_module() (git-fixes).
* iio: magnetometer: yas530: use signed integer type for clamp limits (git-fixes).
* instrumentation: Wire up cmpxchg128() (bsc#1220773).
* io_uring/rw: avoid punting to io-wq directly (git-fixes).
* io_uring/tctx: work around xa_store() allocation error issue (git-fixes).
* io_uring: Fix registered ring file refcount leak (git-fixes).
* io_uring: always lock __io_cqring_overflow_flush (git-fixes).
* io_uring: check if iowq is killed before queuing (git-fixes).
* iommu/io-pgtable-arm: Fix stage-2 map/unmap for concatenated tables (git-fixes).
* irqflags: Explicitly ignore lockdep_hrtimer_exit() argument (git-fixes).
* isofs: handle CDs with bad root inode but good Joliet root directory (bsc#1234199).
* ixgbe: downgrade logging of unsupported VF API version to debug (git-fixes).
* ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (git-fixes).
* jffs2: Fix rtime decompressor (git-fixes).
* jffs2: Prevent rtime decompress memory corruption (git-fixes).
* jffs2: fix use of uninitialized variable (git-fixes).
* jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes).
* jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes).
* jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes).
* jfs: fix shift-out-of-bounds in dbSplit (git-fixes).
* jfs: xattr: check invalid xattr size more strictly (git-fixes).
* kABI workaround for struct drm_dp_mst_topology_mgr (git-fixes).
* kabi/severities: make vcap_find_actionfield PASS (bsc#1220773)
* kasan: make report_lock a raw spinlock (git-fixes).
* kdb: Fix buffer overflow during tab-complete (bsc#1234652).
* kdb: Fix console handling when editing and tab-completing commands (bsc#1234655).
* kdb: Merge identical case statements in kdb_read() (bsc#1234657).
* kdb: Use format-specifiers rather than memset() for padding in kdb_read() (bsc#1234658).
* kdb: Use format-strings rather than '\0' injection in kdb_read() (bsc#1234654).
* kdb: Use the passed prompt in kdb_position_cursor() (bsc#1234654).
* kdb: address -Wformat-security warnings (bsc#1234659).
* kgdb: Flush console before entering kgdb on panic (bsc#1234651).
* leds: class: Protect brightness_show() with led_cdev->led_access mutex (stable-fixes).
* linux/dmaengine.h: fix a few kernel-doc warnings (git-fixes).
* locking/atomic/x86: Correct the definition of __arch_try_cmpxchg128() (bsc#1220773 git-fix).
* loop: fix the the direct I/O support check when used on top of block devices (bsc#1234143).
* mac80211: fix user-power when emulating chanctx (stable-fixes).
* media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108 (stable-fixes).
* media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (git-fixes).
* media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera (stable-fixes).
* media: uvcvideo: RealSense D421 Depth module metadata (stable-fixes).
* mfd: da9052-spi: Change read-mask to write-mask (git-fixes).
* mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices (git-fixes).
* mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device (git-fixes).
* mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device (git-fixes).
* mm/filemap: avoid buffered read/write race to read inconsistent data (bsc#1234204).
* mm/readahead: do not allow order-1 folio (bsc#1234205).
* mm/readahead: limit page cache size in page_cache_ra_order() (bsc#1234208).
* mmc: core: Add SD card quirk for broken poweroff notification (stable-fixes).
* mmc: mtk-sd: Fix MMC_CAP2_CRYPTO flag setting (git-fixes).
* mmc: mtk-sd: fix devm_clk_get_optional usage (stable-fixes).
* mmc: sdhci-esdhc-imx: enable quirks SDHCI_QUIRK_NO_LED (stable-fixes).
* mmc: sdhci-pci: Add DMI quirk for missing CD GPIO on Vexia Edu Atla 10 tablet (stable-fixes).
* mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (git-fixes).
* mtd: diskonchip: Cast an operand to prevent potential overflow (git-fixes).
* mtd: hyperbus: rpc-if: Add missing MODULE_DEVICE_TABLE (git-fixes).
* mtd: hyperbus: rpc-if: Convert to platform remove callback returning void (stable-fixes).
* mtd: rawnand: arasan: Fix double assertion of chip-select (git-fixes).
* mtd: rawnand: arasan: Fix missing de-registration of NAND (git-fixes).
* mtd: rawnand: fix double free in atmel_pmecc_create_user() (git-fixes).
* net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (git-fixes).
* net/ipv6: release expired exception dst cached in socket (bsc#1216813).
* net/mlx5e: CT: Fix null-ptr-deref in add rule err flow (git-fixes).
* net/mlx5e: Remove workaround to avoid syndrome for internal port (git-fixes).
* net/mlx5e: clear xdp features on non-uplink representors (git-fixes).
* net/qed: allow old cards not supporting "num_images" to work (git-fixes).
* net: Return error from sk_stream_wait_connect() if sk_wait_event() fails (git-fixes).
* net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246).
* net: usb: qmi_wwan: add Quectel RG650V (stable-fixes).
* nfs: ignore SB_RDONLY when mounting nfs (git-fixes).
* nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (git-fixes).
* nfsd: make sure exp active before svc_export_show (git-fixes).
* nfsd: release svc_expkey/svc_export with rcu_work (git-fixes).
* nfsd: restore callback functionality for NFSv4.0 (git-fixes).
* nilfs2: fix buffer head leaks in calls to truncate_inode_pages() (git-fixes).
* nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes).
* nilfs2: prevent use of deleted inode (git-fixes).
* nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes).
* nvme-rdma: unquiesce admin_q before destroy it (git-fixes).
* nvme-tcp: fix the memleak while create new ctrl failed (git-fixes).
* nvme/multipath: Fix RCU list traversal to use SRCU primitive (git-fixes).
* nvme: apple: fix device reference counting (git-fixes).
* nvme: fix metadata handling in nvme-passthrough (git-fixes).
* nvmet-loop: avoid using mutex in IO hotpath (git-fixes).
* ocfs2: fix uninitialized value in ocfs2_file_read_iter() (git-fixes).
* ocfs2: free inode when ocfs2_get_init_inode() fails (git-fixes).
* of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() (git-fixes).
* of: Fix error path in of_parse_phandle_with_args_map() (git-fixes).
* of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (git-fixes).
* of: address: Report error on resource bounds overflow (stable-fixes).
* parisc: Raise minimal GCC version (bsc#1220773).
* parisc: Raise minimal GCC version to 12.0.0 (bsc#1220773 git-fix).
* percpu: Add {raw,this}_cpu_try_cmpxchg() (bsc#1220773).
* percpu: Fix self-assignment of __old in raw_cpu_generic_try_cmpxchg() (bsc#1220773 git-fix).
* percpu: Wire up cmpxchg128 (bsc#1220773).
* phy: core: Fix an OF node refcount leakage in _of_phy_get() (git-fixes).
* phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (git-fixes).
* phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (git-fixes).
* phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (git-fixes).
* phy: core: Fix that API devm_phy_put() fails to release the phy (git-fixes).
* phy: qcom-qmp: Fix register name in RX Lane config of SC8280XP (git-fixes).
* phy: rockchip: naneng-combphy: fix phy reset (git-fixes).
* phy: usb: Toggle the PHY power during init (git-fixes).
* pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes).
* pinctrl: qcom-pmic-gpio: add support for PM8937 (stable-fixes).
* pinctrl: qcom: spmi-mpp: Add PM8937 compatible (stable-fixes).
* pinmux: Use sequential access to access desc->pinmux data (stable-fixes).
* platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
* platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes).
* platform/x86: dell-smbios-base: Extends support to Alienware products (stable-fixes).
* platform/x86: dell-wmi-base: Handle META key Lock/Unlock events (stable-fixes).
* platform/x86: thinkpad_acpi: Fix for ThinkPad's with ECFW showing incorrect fan speed (stable-fixes).
* power: supply: gpio-charger: Fix set charge current limits (git-fixes).
* powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108).
* proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes).
* quota: Fix rcu annotations of inode dquot pointers (bsc#1234197).
* quota: explicitly forbid quota files from being encrypted (bsc#1234196).
* quota: flush quota_release_work upon quota writeback (bsc#1234195).
* quota: simplify drop_dquot_ref() (bsc#1234197).
* readahead: use ilog2 instead of a while loop in page_cache_ra_order() (bsc#1234208).
* regmap: Use correct format specifier for logging range errors (stable-fixes).
* regulator: rk808: Add apply_bit for BUCK3 on RK809 (stable-fixes).
* rpm/kernel-binary.spec.in: fix KMPs build on 6.13+ (bsc#1234454)
* rtc: cmos: avoid taking rtc_lock for extended period of time (stable-fixes).
* s390/cio: Do not unregister the subchannel based on DNV (git-fixes).
* s390/cpum_sf: Convert to cmpxchg128() (bsc#1220773).
* s390/cpum_sf: Handle CPU hotplug remove during sampling (git-fixes).
* s390/cpum_sf: Remove WARN_ON_ONCE statements (git-fixes).
* s390/facility: Disable compile time optimization for decompressor code (git-fixes).
* s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (git-fixes).
* s390/pageattr: Implement missing kernel_page_present() (git-fixes).
* scatterlist: fix incorrect func name in kernel-doc (git-fixes).
* sched/numa: fix memory leak due to the overwritten vma->numab_state (git fixes (sched/numa)).
* scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409).
* scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409).
* scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409).
* scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409).
* scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409).
* scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409).
* scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409).
* scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409).
* scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409).
* scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409).
* scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406).
* scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406).
* scsi: qla2xxx: Fix use after free on unload (bsc#1235406).
* scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406).
* scsi: qla2xxx: Remove the unused 'del_list_entry' field in struct fc_port (bsc#1235406).
* scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406).
* scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406).
* scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes).
* selftests/bpf: Test PROBE_MEM of VSYSCALL_ADDR on x86-64 (git-fixes).
* serial: 8250_dw: Add Sophgo SG2044 quirk (stable-fixes).
* serial: 8250_dw: Do not use struct dw8250_data outside of 8250_dw (git-fixes).
* serial: 8250_dw: Replace ACPI device check by a quirk (git-fixes).
* serial: 8250_fintek: Add support for F81216E (stable-fixes).
* serial: Do not hold the port lock when setting rx-during-tx GPIO (git-fixes).
* serial: amba-pl011: Fix RX stall when DMA is used (git-fixes).
* serial: amba-pl011: Use port lock wrappers (stable-fixes).
* serial: amba-pl011: fix build regression (git-fixes).
* serial: do not use uninitialized value in uart_poll_init() (git-fixes).
* serial: imx: only set receiver level if it is zero (git-fixes).
* serial: imx: set receiver level before starting uart (git-fixes).
* serial: qcom-geni: Do not cancel/abort if we can't get the port lock (git-fixes).
* serial: qcom-geni: disable interrupts during console writes (git-fixes).
* serial: qcom-geni: fix arg types for qcom_geni_serial_poll_bit() (git-fixes).
* serial: qcom-geni: fix console corruption (git-fixes).
* serial: qcom-geni: fix dma rx cancellation (git-fixes).
* serial: qcom-geni: fix false console tx restart (git-fixes).
* serial: qcom-geni: fix fifo polling timeout (git-fixes).
* serial: qcom-geni: fix hard lockup on buffer flush (git-fixes).
* serial: qcom-geni: fix polled console corruption (git-fixes).
* serial: qcom-geni: fix polled console initialisation (git-fixes).
* serial: qcom-geni: fix receiver enable (git-fixes).
* serial: qcom-geni: fix shutdown race (git-fixes).
* serial: qcom-geni: fix soft lockup on sw flow control and suspend (git-fixes).
* serial: qcom-geni: introduce qcom_geni_serial_poll_bitfield() (git-fixes).
* serial: qcom-geni: revert broken hibernation support (git-fixes).
* serial: stm32: Return IRQ_NONE in the ISR if no handling happend (git-fixes).
* serial: stm32: do not always set SER_RS485_RX_DURING_TX if RS485 is enabled (git-fixes).
* slub: Replace cmpxchg_double() (bsc#1220773).
* slub: Replace cmpxchg_double() - KABI fix (bsc#1220773).
* smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: fix issue described in bsc#1233642]
* soc/fsl: cpm: qmc: Convert to platform remove callback returning void (stable-fixes).
* soc: fsl: cpm1: qmc: Fix blank line and spaces (stable-fixes).
* soc: fsl: cpm1: qmc: Introduce qmc_init_resource() and its CPM1 version (stable-fixes).
* soc: fsl: cpm1: qmc: Introduce qmc_{init,exit}_xcc() and their CPM1 version (stable-fixes).
* soc: fsl: cpm1: qmc: Re-order probe() operations (stable-fixes).
* soc: fsl: cpm1: qmc: Set the ret error code on platform_get_irq() failure (git-fixes).
* soc: imx8m: Probe the SoC driver as platform driver (stable-fixes).
* soc: qcom: Add check devm_kasprintf() returned value (stable-fixes).
* soc: qcom: geni-se: Add M_TX_FIFO_NOT_EMPTY bit definition (git-fixes).
* soc: qcom: geni-se: add GP_LENGTH/IRQ_EN_SET/IRQ_EN_CLEAR registers (git-fixes).
* soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() (git-fixes).
* spi: aspeed: Fix an error handling path in aspeed_spi_[read|write]_user() (git-fixes).
* sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (git-fixes).
* sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (git-fixes).
* sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() (git-fixes).
* svcrdma: Address an integer overflow (git-fixes).
* svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes).
* swiotlb: Enforce page alignment in swiotlb_alloc() (git-fixes).
* swiotlb: Reinstate page-alignment for mappings >= PAGE_SIZE (git-fixes).
* thermal/drivers/qcom/tsens-v1: Add support for MSM8937 tsens (stable-fixes).
* tools: hv: change permissions of NetworkManager configuration file (git-fixes).
* tpm/eventlog: Limit memory allocations for event logs with excessive size (bsc#1233260 bsc#1233259 bsc#1232421).
* tpm_tis_spi: Release chip select when flow control fails (bsc#1234338)
* tty: serial: kgdboc: Fix 8250_* kgdb over serial (git-fixes).
* types: Introduce [us]128 (bsc#1220773).
* ubifs: Correct the total block count by deducting journal reservation (git-fixes).
* ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes).
* udf: Fix lock ordering in udf_evict_inode() (bsc#1234238).
* udf: fix uninit-value use in udf_get_fileshortad (bsc#1234243).
* udf: prevent integer overflow in udf_bitmap_free_blocks() (bsc#1234239).
* udf: refactor inode_bmap() to handle error (bsc#1234242).
* udf: refactor udf_current_aext() to handle error (bsc#1234240).
* udf: refactor udf_next_aext() to handle error (bsc#1234241).
* udf: udftime: prevent overflow in udf_disk_stamp_to_time() (bsc#1234237).
* usb: add support for new USB device ID 0x17EF:0x3098 for the r8152 driver (stable-fixes).
* usb: cdns3-ti: Add workaround for Errata i2409 (stable-fixes).
* usb: cdns3: Add quirk flag to enable suspend residency (stable-fixes).
* usb: chipidea: udc: handle USB Error Interrupt if IOC not set (stable-fixes).
* usb: dwc2: Fix HCD port connection race (git-fixes).
* usb: dwc2: Fix HCD resume (git-fixes).
* usb: dwc2: gadget: Do not write invalid mapped sg entries into dma_desc with iommu enabled (stable-fixes).
* usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature (git-fixes).
* usb: dwc3: ep0: Do not clear ep0 DWC3_EP_TRANSFER_STARTED (git-fixes).
* usb: dwc3: ep0: Do not reset resource alloc flag (git-fixes).
* usb: dwc3: ep0: Do not reset resource alloc flag (including ep0) (git-fixes).
* usb: dwc3: gadget: Rewrite endpoint allocation flow (stable-fixes).
* usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode (git-fixes).
* usb: ehci-hcd: fix call balance of clocks handling routines (git-fixes).
* usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer (git-fixes).
* usb: host: max3421-hcd: Correctly abort a USB request (git-fixes).
* usb: typec: anx7411: fix OF node reference leaks in anx7411_typec_switch_probe() (git-fixes).
* usb: typec: anx7411: fix fwnode_handle reference leak (git-fixes).
* usb: typec: use cleanup facility for 'altmodes_node' (stable-fixes).
* vDPA/ifcvf: Fix pci_read_config_byte() return code handling (git-fixes).
* vdpa/mlx5: Fix PA offset with unaligned starting iotlb map (git-fixes).
* vdpa/mlx5: Fix suboptimal range on iotlb iteration (git-fixes).
* vdpa: solidrun: Fix UB bug with devres (git-fixes).
* vfs: fix readahead(2) on block devices (bsc#1234201).
* wifi: ath5k: add PCI ID for Arcadyan devices (git-fixes).
* wifi: ath5k: add PCI ID for SX76X (git-fixes).
* wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (stable-fixes).
* wifi: cfg80211: sme: init n_channels before channels[] access (git-fixes).
* wifi: cw1200: Fix potential NULL dereference (git-fixes).
* wifi: ipw2x00: libipw_rx_any(): fix bad alignment (stable-fixes).
* wifi: iwlwifi: mvm: Use the sync timepoint API in suspend (stable-fixes).
* wifi: mac80211: clean up 'ret' in sta_link_apply_parameters() (stable-fixes).
* wifi: mac80211: fix station NSS capability initialization order (git-fixes).
* wifi: mac80211: init cnt before accessing elem in ieee80211_copy_mbssid_beacon (git-fixes).
* wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one (git-fixes).
* wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures (stable-fixes).
* wifi: rtw89: check return value of ieee80211_probereq_get() for RNR (stable-fixes).
* workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416).
* writeback, cgroup: switch inodes with dirty timestamps to release dying cgwbs (bsc#1234203).
* x86,amd_iommu: Replace cmpxchg_double() (bsc#1220773).
* x86,intel_iommu: Replace cmpxchg_double() (bsc#1220773).
* x86/hyperv: Fix hv tsc page based sched_clock for hibernation (git-fixes).
* xfs: do not allocate COW extents when unsharing a hole (git-fixes).
* xfs: fix sb_spino_align checks for large fsblock sizes (git-fixes).
* xfs: remove unknown compat feature check in superblock write validation (git-fixes).
* xfs: return from xfs_symlink_verify early on V4 filesystems (git-fixes).
* xfs: sb_spino_align is not verified (git-fixes).
* xhci: Add usb cold attach (CAS) as a reason to resume root hub (git-fixes).
* xhci: Allow RPM on the USB controller (1022:43f7) by default (stable-fixes).
* xhci: fix possible null pointer deref during xhci urb enqueue (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-154=1 openSUSE-SLE-15.6-2025-154=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-154=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-154=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-154=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-154=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-154=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-154=1 ## Package List: * openSUSE Leap 15.6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.33.1 * openSUSE Leap 15.6 (noarch) * kernel-devel-6.4.0-150600.23.33.1 * kernel-docs-html-6.4.0-150600.23.33.1 * kernel-source-6.4.0-150600.23.33.1 * kernel-macros-6.4.0-150600.23.33.1 * kernel-source-vanilla-6.4.0-150600.23.33.1 * openSUSE Leap 15.6 (nosrc ppc64le x86_64) * kernel-debug-6.4.0-150600.23.33.1 * openSUSE Leap 15.6 (ppc64le x86_64) * kernel-debug-debuginfo-6.4.0-150600.23.33.1 * kernel-debug-debugsource-6.4.0-150600.23.33.1 * kernel-debug-devel-debuginfo-6.4.0-150600.23.33.1 * kernel-debug-devel-6.4.0-150600.23.33.1 * openSUSE Leap 15.6 (x86_64) * kernel-default-vdso-6.4.0-150600.23.33.1 * kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.33.1 * kernel-debug-vdso-6.4.0-150600.23.33.1 * kernel-debug-vdso-debuginfo-6.4.0-150600.23.33.1 * kernel-kvmsmall-vdso-6.4.0-150600.23.33.1 * kernel-default-vdso-debuginfo-6.4.0-150600.23.33.1 * openSUSE Leap 15.6 (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150600.23.33.1.150600.12.14.1 * 
kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.33.1 * kernel-kvmsmall-debuginfo-6.4.0-150600.23.33.1 * kernel-kvmsmall-debugsource-6.4.0-150600.23.33.1 * kernel-default-base-rebuild-6.4.0-150600.23.33.1.150600.12.14.1 * kernel-kvmsmall-devel-6.4.0-150600.23.33.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kernel-syms-6.4.0-150600.23.33.1 * ocfs2-kmp-default-6.4.0-150600.23.33.1 * dlm-kmp-default-6.4.0-150600.23.33.1 * kernel-obs-build-debugsource-6.4.0-150600.23.33.1 * kernel-default-devel-6.4.0-150600.23.33.1 * kselftests-kmp-default-6.4.0-150600.23.33.1 * kernel-default-optional-6.4.0-150600.23.33.1 * kernel-default-debugsource-6.4.0-150600.23.33.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.33.1 * reiserfs-kmp-default-6.4.0-150600.23.33.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.33.1 * cluster-md-kmp-default-6.4.0-150600.23.33.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.33.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.33.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.33.1 * gfs2-kmp-default-6.4.0-150600.23.33.1 * kselftests-kmp-default-debuginfo-6.4.0-150600.23.33.1 * kernel-obs-build-6.4.0-150600.23.33.1 * kernel-obs-qa-6.4.0-150600.23.33.1 * kernel-default-optional-debuginfo-6.4.0-150600.23.33.1 * kernel-default-livepatch-6.4.0-150600.23.33.1 * kernel-default-debuginfo-6.4.0-150600.23.33.1 * kernel-default-extra-debuginfo-6.4.0-150600.23.33.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.33.1 * kernel-default-extra-6.4.0-150600.23.33.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.33.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-6.4.0-150600.23.33.1 * kernel-livepatch-SLE15-SP6_Update_7-debugsource-1-150600.13.3.1 * kernel-livepatch-6_4_0-150600_23_33-default-1-150600.13.3.1 * kernel-livepatch-6_4_0-150600_23_33-default-debuginfo-1-150600.13.3.1 * openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-6.4.0-150600.23.33.1 * openSUSE Leap 
15.6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.33.1 * openSUSE Leap 15.6 (s390x) * kernel-zfcpdump-debugsource-6.4.0-150600.23.33.1 * kernel-zfcpdump-debuginfo-6.4.0-150600.23.33.1 * openSUSE Leap 15.6 (nosrc) * dtb-aarch64-6.4.0-150600.23.33.1 * openSUSE Leap 15.6 (aarch64) * kernel-64kb-debuginfo-6.4.0-150600.23.33.1 * gfs2-kmp-64kb-6.4.0-150600.23.33.1 * cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.33.1 * dtb-amazon-6.4.0-150600.23.33.1 * dtb-amlogic-6.4.0-150600.23.33.1 * dtb-nvidia-6.4.0-150600.23.33.1 * dtb-marvell-6.4.0-150600.23.33.1 * dtb-hisilicon-6.4.0-150600.23.33.1 * cluster-md-kmp-64kb-6.4.0-150600.23.33.1 * kernel-64kb-extra-6.4.0-150600.23.33.1 * ocfs2-kmp-64kb-6.4.0-150600.23.33.1 * dtb-allwinner-6.4.0-150600.23.33.1 * kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.33.1 * dtb-amd-6.4.0-150600.23.33.1 * dtb-broadcom-6.4.0-150600.23.33.1 * gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.33.1 * dtb-qcom-6.4.0-150600.23.33.1 * dtb-cavium-6.4.0-150600.23.33.1 * kernel-64kb-optional-debuginfo-6.4.0-150600.23.33.1 * kernel-64kb-debugsource-6.4.0-150600.23.33.1 * dtb-socionext-6.4.0-150600.23.33.1 * dtb-lg-6.4.0-150600.23.33.1 * dtb-exynos-6.4.0-150600.23.33.1 * kernel-64kb-optional-6.4.0-150600.23.33.1 * dtb-apple-6.4.0-150600.23.33.1 * ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.33.1 * dtb-mediatek-6.4.0-150600.23.33.1 * dtb-xilinx-6.4.0-150600.23.33.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.33.1 * dtb-arm-6.4.0-150600.23.33.1 * dtb-freescale-6.4.0-150600.23.33.1 * dtb-renesas-6.4.0-150600.23.33.1 * reiserfs-kmp-64kb-6.4.0-150600.23.33.1 * kselftests-kmp-64kb-6.4.0-150600.23.33.1 * dtb-sprd-6.4.0-150600.23.33.1 * dtb-rockchip-6.4.0-150600.23.33.1 * dlm-kmp-64kb-debuginfo-6.4.0-150600.23.33.1 * dlm-kmp-64kb-6.4.0-150600.23.33.1 * reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.33.1 * dtb-apm-6.4.0-150600.23.33.1 * kernel-64kb-devel-6.4.0-150600.23.33.1 * kernel-64kb-extra-debuginfo-6.4.0-150600.23.33.1 * dtb-altera-6.4.0-150600.23.33.1 * openSUSE Leap 15.6 
(aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.33.1 * Basesystem Module 15-SP6 (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.33.1 * Basesystem Module 15-SP6 (aarch64) * kernel-64kb-debuginfo-6.4.0-150600.23.33.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.33.1 * kernel-64kb-devel-6.4.0-150600.23.33.1 * kernel-64kb-debugsource-6.4.0-150600.23.33.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.33.1 * Basesystem Module 15-SP6 (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150600.23.33.1.150600.12.14.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-150600.23.33.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.33.1 * kernel-default-debugsource-6.4.0-150600.23.33.1 * kernel-default-devel-6.4.0-150600.23.33.1 * Basesystem Module 15-SP6 (noarch) * kernel-devel-6.4.0-150600.23.33.1 * kernel-macros-6.4.0-150600.23.33.1 * Basesystem Module 15-SP6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.33.1 * Basesystem Module 15-SP6 (s390x) * kernel-zfcpdump-debugsource-6.4.0-150600.23.33.1 * kernel-zfcpdump-debuginfo-6.4.0-150600.23.33.1 * Development Tools Module 15-SP6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.33.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-6.4.0-150600.23.33.1 * kernel-syms-6.4.0-150600.23.33.1 * kernel-obs-build-6.4.0-150600.23.33.1 * Development Tools Module 15-SP6 (noarch) * kernel-source-6.4.0-150600.23.33.1 * Legacy Module 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.33.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-150600.23.33.1 * kernel-default-debugsource-6.4.0-150600.23.33.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.33.1 * reiserfs-kmp-default-6.4.0-150600.23.33.1 * SUSE Linux Enterprise Live Patching 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.33.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * 
kernel-default-debugsource-6.4.0-150600.23.33.1 * kernel-default-livepatch-6.4.0-150600.23.33.1 * kernel-livepatch-6_4_0-150600_23_33-default-debuginfo-1-150600.13.3.1 * kernel-default-debuginfo-6.4.0-150600.23.33.1 * kernel-default-livepatch-devel-6.4.0-150600.23.33.1 * kernel-livepatch-SLE15-SP6_Update_7-debugsource-1-150600.13.3.1 * kernel-livepatch-6_4_0-150600_23_33-default-1-150600.13.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.33.1 * kernel-default-debugsource-6.4.0-150600.23.33.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.33.1 * kernel-default-debuginfo-6.4.0-150600.23.33.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.33.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.33.1 * ocfs2-kmp-default-6.4.0-150600.23.33.1 * dlm-kmp-default-6.4.0-150600.23.33.1 * gfs2-kmp-default-6.4.0-150600.23.33.1 * cluster-md-kmp-default-6.4.0-150600.23.33.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.33.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.33.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * kernel-default-debuginfo-6.4.0-150600.23.33.1 * kernel-default-debugsource-6.4.0-150600.23.33.1 * kernel-default-extra-6.4.0-150600.23.33.1 * kernel-default-extra-debuginfo-6.4.0-150600.23.33.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26924.html * https://www.suse.com/security/cve/CVE-2024-27397.html * https://www.suse.com/security/cve/CVE-2024-35839.html * https://www.suse.com/security/cve/CVE-2024-36908.html * https://www.suse.com/security/cve/CVE-2024-36915.html * https://www.suse.com/security/cve/CVE-2024-39480.html * https://www.suse.com/security/cve/CVE-2024-41042.html * https://www.suse.com/security/cve/CVE-2024-44934.html * https://www.suse.com/security/cve/CVE-2024-44996.html * https://www.suse.com/security/cve/CVE-2024-47678.html * 
https://www.suse.com/security/cve/CVE-2024-49854.html * https://www.suse.com/security/cve/CVE-2024-49884.html * https://www.suse.com/security/cve/CVE-2024-49915.html * https://www.suse.com/security/cve/CVE-2024-50016.html * https://www.suse.com/security/cve/CVE-2024-50018.html * https://www.suse.com/security/cve/CVE-2024-50039.html * https://www.suse.com/security/cve/CVE-2024-50047.html * https://www.suse.com/security/cve/CVE-2024-50143.html * https://www.suse.com/security/cve/CVE-2024-50154.html * https://www.suse.com/security/cve/CVE-2024-50202.html * https://www.suse.com/security/cve/CVE-2024-50203.html * https://www.suse.com/security/cve/CVE-2024-50211.html * https://www.suse.com/security/cve/CVE-2024-50228.html * https://www.suse.com/security/cve/CVE-2024-50256.html * https://www.suse.com/security/cve/CVE-2024-50262.html * https://www.suse.com/security/cve/CVE-2024-50272.html * https://www.suse.com/security/cve/CVE-2024-50278.html * https://www.suse.com/security/cve/CVE-2024-50279.html * https://www.suse.com/security/cve/CVE-2024-50280.html * https://www.suse.com/security/cve/CVE-2024-53050.html * https://www.suse.com/security/cve/CVE-2024-53064.html * https://www.suse.com/security/cve/CVE-2024-53090.html * https://www.suse.com/security/cve/CVE-2024-53095.html * https://www.suse.com/security/cve/CVE-2024-53099.html * https://www.suse.com/security/cve/CVE-2024-53103.html * https://www.suse.com/security/cve/CVE-2024-53105.html * https://www.suse.com/security/cve/CVE-2024-53111.html * https://www.suse.com/security/cve/CVE-2024-53113.html * https://www.suse.com/security/cve/CVE-2024-53117.html * https://www.suse.com/security/cve/CVE-2024-53118.html * https://www.suse.com/security/cve/CVE-2024-53119.html * https://www.suse.com/security/cve/CVE-2024-53120.html * https://www.suse.com/security/cve/CVE-2024-53122.html * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-53126.html * 
https://www.suse.com/security/cve/CVE-2024-53127.html * https://www.suse.com/security/cve/CVE-2024-53129.html * https://www.suse.com/security/cve/CVE-2024-53130.html * https://www.suse.com/security/cve/CVE-2024-53131.html * https://www.suse.com/security/cve/CVE-2024-53133.html * https://www.suse.com/security/cve/CVE-2024-53134.html * https://www.suse.com/security/cve/CVE-2024-53136.html * https://www.suse.com/security/cve/CVE-2024-53141.html * https://www.suse.com/security/cve/CVE-2024-53142.html * https://www.suse.com/security/cve/CVE-2024-53144.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53148.html * https://www.suse.com/security/cve/CVE-2024-53150.html * https://www.suse.com/security/cve/CVE-2024-53151.html * https://www.suse.com/security/cve/CVE-2024-53154.html * https://www.suse.com/security/cve/CVE-2024-53155.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://www.suse.com/security/cve/CVE-2024-53157.html * https://www.suse.com/security/cve/CVE-2024-53158.html * https://www.suse.com/security/cve/CVE-2024-53159.html * https://www.suse.com/security/cve/CVE-2024-53160.html * https://www.suse.com/security/cve/CVE-2024-53161.html * https://www.suse.com/security/cve/CVE-2024-53162.html * https://www.suse.com/security/cve/CVE-2024-53166.html * https://www.suse.com/security/cve/CVE-2024-53169.html * https://www.suse.com/security/cve/CVE-2024-53171.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53174.html * https://www.suse.com/security/cve/CVE-2024-53179.html * https://www.suse.com/security/cve/CVE-2024-53180.html * https://www.suse.com/security/cve/CVE-2024-53188.html * https://www.suse.com/security/cve/CVE-2024-53190.html * https://www.suse.com/security/cve/CVE-2024-53191.html * https://www.suse.com/security/cve/CVE-2024-53200.html * https://www.suse.com/security/cve/CVE-2024-53201.html * 
https://www.suse.com/security/cve/CVE-2024-53202.html * https://www.suse.com/security/cve/CVE-2024-53206.html * https://www.suse.com/security/cve/CVE-2024-53207.html * https://www.suse.com/security/cve/CVE-2024-53208.html * https://www.suse.com/security/cve/CVE-2024-53209.html * https://www.suse.com/security/cve/CVE-2024-53210.html * https://www.suse.com/security/cve/CVE-2024-53213.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-53215.html * https://www.suse.com/security/cve/CVE-2024-53216.html * https://www.suse.com/security/cve/CVE-2024-53217.html * https://www.suse.com/security/cve/CVE-2024-53222.html * https://www.suse.com/security/cve/CVE-2024-53224.html * https://www.suse.com/security/cve/CVE-2024-53229.html * https://www.suse.com/security/cve/CVE-2024-53234.html * https://www.suse.com/security/cve/CVE-2024-53237.html * https://www.suse.com/security/cve/CVE-2024-53240.html * https://www.suse.com/security/cve/CVE-2024-53241.html * https://www.suse.com/security/cve/CVE-2024-56536.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56549.html * https://www.suse.com/security/cve/CVE-2024-56551.html * https://www.suse.com/security/cve/CVE-2024-56562.html * https://www.suse.com/security/cve/CVE-2024-56566.html * https://www.suse.com/security/cve/CVE-2024-56567.html * https://www.suse.com/security/cve/CVE-2024-56576.html * https://www.suse.com/security/cve/CVE-2024-56582.html * https://www.suse.com/security/cve/CVE-2024-56599.html * https://www.suse.com/security/cve/CVE-2024-56604.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56645.html * https://www.suse.com/security/cve/CVE-2024-56667.html * https://www.suse.com/security/cve/CVE-2024-56752.html * https://www.suse.com/security/cve/CVE-2024-56754.html * https://www.suse.com/security/cve/CVE-2024-56755.html * 
https://www.suse.com/security/cve/CVE-2024-56756.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1214954 * https://bugzilla.suse.com/show_bug.cgi?id=1216813 * https://bugzilla.suse.com/show_bug.cgi?id=1220773 * https://bugzilla.suse.com/show_bug.cgi?id=1224095 * https://bugzilla.suse.com/show_bug.cgi?id=1224726 * https://bugzilla.suse.com/show_bug.cgi?id=1225743 * https://bugzilla.suse.com/show_bug.cgi?id=1225758 * https://bugzilla.suse.com/show_bug.cgi?id=1225820 * https://bugzilla.suse.com/show_bug.cgi?id=1227445 * https://bugzilla.suse.com/show_bug.cgi?id=1228526 * https://bugzilla.suse.com/show_bug.cgi?id=1229809 * https://bugzilla.suse.com/show_bug.cgi?id=1230205 * https://bugzilla.suse.com/show_bug.cgi?id=1230413 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1231854 * https://bugzilla.suse.com/show_bug.cgi?id=1231909 * https://bugzilla.suse.com/show_bug.cgi?id=1231963 * https://bugzilla.suse.com/show_bug.cgi?id=1232193 * https://bugzilla.suse.com/show_bug.cgi?id=1232198 * https://bugzilla.suse.com/show_bug.cgi?id=1232201 * https://bugzilla.suse.com/show_bug.cgi?id=1232418 * https://bugzilla.suse.com/show_bug.cgi?id=1232419 * https://bugzilla.suse.com/show_bug.cgi?id=1232420 * https://bugzilla.suse.com/show_bug.cgi?id=1232421 * https://bugzilla.suse.com/show_bug.cgi?id=1232436 * https://bugzilla.suse.com/show_bug.cgi?id=1233038 * https://bugzilla.suse.com/show_bug.cgi?id=1233070 * https://bugzilla.suse.com/show_bug.cgi?id=1233096 * https://bugzilla.suse.com/show_bug.cgi?id=1233200 * https://bugzilla.suse.com/show_bug.cgi?id=1233204 * https://bugzilla.suse.com/show_bug.cgi?id=1233239 * https://bugzilla.suse.com/show_bug.cgi?id=1233259 * https://bugzilla.suse.com/show_bug.cgi?id=1233260 * https://bugzilla.suse.com/show_bug.cgi?id=1233324 * https://bugzilla.suse.com/show_bug.cgi?id=1233328 * https://bugzilla.suse.com/show_bug.cgi?id=1233461 * 
https://bugzilla.suse.com/show_bug.cgi?id=1233467 * https://bugzilla.suse.com/show_bug.cgi?id=1233468 * https://bugzilla.suse.com/show_bug.cgi?id=1233469 * https://bugzilla.suse.com/show_bug.cgi?id=1233546 * https://bugzilla.suse.com/show_bug.cgi?id=1233558 * https://bugzilla.suse.com/show_bug.cgi?id=1233637 * https://bugzilla.suse.com/show_bug.cgi?id=1233642 * https://bugzilla.suse.com/show_bug.cgi?id=1233772 * https://bugzilla.suse.com/show_bug.cgi?id=1233837 * https://bugzilla.suse.com/show_bug.cgi?id=1234024 * https://bugzilla.suse.com/show_bug.cgi?id=1234069 * https://bugzilla.suse.com/show_bug.cgi?id=1234071 * https://bugzilla.suse.com/show_bug.cgi?id=1234073 * https://bugzilla.suse.com/show_bug.cgi?id=1234075 * https://bugzilla.suse.com/show_bug.cgi?id=1234076 * https://bugzilla.suse.com/show_bug.cgi?id=1234077 * https://bugzilla.suse.com/show_bug.cgi?id=1234079 * https://bugzilla.suse.com/show_bug.cgi?id=1234086 * https://bugzilla.suse.com/show_bug.cgi?id=1234139 * https://bugzilla.suse.com/show_bug.cgi?id=1234140 * https://bugzilla.suse.com/show_bug.cgi?id=1234141 * https://bugzilla.suse.com/show_bug.cgi?id=1234142 * https://bugzilla.suse.com/show_bug.cgi?id=1234143 * https://bugzilla.suse.com/show_bug.cgi?id=1234144 * https://bugzilla.suse.com/show_bug.cgi?id=1234145 * https://bugzilla.suse.com/show_bug.cgi?id=1234146 * https://bugzilla.suse.com/show_bug.cgi?id=1234147 * https://bugzilla.suse.com/show_bug.cgi?id=1234148 * https://bugzilla.suse.com/show_bug.cgi?id=1234149 * https://bugzilla.suse.com/show_bug.cgi?id=1234150 * https://bugzilla.suse.com/show_bug.cgi?id=1234153 * https://bugzilla.suse.com/show_bug.cgi?id=1234155 * https://bugzilla.suse.com/show_bug.cgi?id=1234156 * https://bugzilla.suse.com/show_bug.cgi?id=1234158 * https://bugzilla.suse.com/show_bug.cgi?id=1234159 * https://bugzilla.suse.com/show_bug.cgi?id=1234160 * https://bugzilla.suse.com/show_bug.cgi?id=1234161 * https://bugzilla.suse.com/show_bug.cgi?id=1234162 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234163 * https://bugzilla.suse.com/show_bug.cgi?id=1234164 * https://bugzilla.suse.com/show_bug.cgi?id=1234165 * https://bugzilla.suse.com/show_bug.cgi?id=1234166 * https://bugzilla.suse.com/show_bug.cgi?id=1234167 * https://bugzilla.suse.com/show_bug.cgi?id=1234168 * https://bugzilla.suse.com/show_bug.cgi?id=1234169 * https://bugzilla.suse.com/show_bug.cgi?id=1234170 * https://bugzilla.suse.com/show_bug.cgi?id=1234171 * https://bugzilla.suse.com/show_bug.cgi?id=1234172 * https://bugzilla.suse.com/show_bug.cgi?id=1234173 * https://bugzilla.suse.com/show_bug.cgi?id=1234174 * https://bugzilla.suse.com/show_bug.cgi?id=1234175 * https://bugzilla.suse.com/show_bug.cgi?id=1234176 * https://bugzilla.suse.com/show_bug.cgi?id=1234177 * https://bugzilla.suse.com/show_bug.cgi?id=1234178 * https://bugzilla.suse.com/show_bug.cgi?id=1234179 * https://bugzilla.suse.com/show_bug.cgi?id=1234180 * https://bugzilla.suse.com/show_bug.cgi?id=1234181 * https://bugzilla.suse.com/show_bug.cgi?id=1234182 * https://bugzilla.suse.com/show_bug.cgi?id=1234183 * https://bugzilla.suse.com/show_bug.cgi?id=1234184 * https://bugzilla.suse.com/show_bug.cgi?id=1234185 * https://bugzilla.suse.com/show_bug.cgi?id=1234186 * https://bugzilla.suse.com/show_bug.cgi?id=1234187 * https://bugzilla.suse.com/show_bug.cgi?id=1234188 * https://bugzilla.suse.com/show_bug.cgi?id=1234189 * https://bugzilla.suse.com/show_bug.cgi?id=1234190 * https://bugzilla.suse.com/show_bug.cgi?id=1234191 * https://bugzilla.suse.com/show_bug.cgi?id=1234192 * https://bugzilla.suse.com/show_bug.cgi?id=1234193 * https://bugzilla.suse.com/show_bug.cgi?id=1234194 * https://bugzilla.suse.com/show_bug.cgi?id=1234195 * https://bugzilla.suse.com/show_bug.cgi?id=1234196 * https://bugzilla.suse.com/show_bug.cgi?id=1234197 * https://bugzilla.suse.com/show_bug.cgi?id=1234198 * https://bugzilla.suse.com/show_bug.cgi?id=1234199 * https://bugzilla.suse.com/show_bug.cgi?id=1234200 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234201 * https://bugzilla.suse.com/show_bug.cgi?id=1234203 * https://bugzilla.suse.com/show_bug.cgi?id=1234204 * https://bugzilla.suse.com/show_bug.cgi?id=1234205 * https://bugzilla.suse.com/show_bug.cgi?id=1234207 * https://bugzilla.suse.com/show_bug.cgi?id=1234208 * https://bugzilla.suse.com/show_bug.cgi?id=1234209 * https://bugzilla.suse.com/show_bug.cgi?id=1234219 * https://bugzilla.suse.com/show_bug.cgi?id=1234220 * https://bugzilla.suse.com/show_bug.cgi?id=1234221 * https://bugzilla.suse.com/show_bug.cgi?id=1234237 * https://bugzilla.suse.com/show_bug.cgi?id=1234238 * https://bugzilla.suse.com/show_bug.cgi?id=1234239 * https://bugzilla.suse.com/show_bug.cgi?id=1234240 * https://bugzilla.suse.com/show_bug.cgi?id=1234241 * https://bugzilla.suse.com/show_bug.cgi?id=1234242 * https://bugzilla.suse.com/show_bug.cgi?id=1234243 * https://bugzilla.suse.com/show_bug.cgi?id=1234278 * https://bugzilla.suse.com/show_bug.cgi?id=1234279 * https://bugzilla.suse.com/show_bug.cgi?id=1234280 * https://bugzilla.suse.com/show_bug.cgi?id=1234281 * https://bugzilla.suse.com/show_bug.cgi?id=1234282 * https://bugzilla.suse.com/show_bug.cgi?id=1234294 * https://bugzilla.suse.com/show_bug.cgi?id=1234338 * https://bugzilla.suse.com/show_bug.cgi?id=1234357 * https://bugzilla.suse.com/show_bug.cgi?id=1234381 * https://bugzilla.suse.com/show_bug.cgi?id=1234454 * https://bugzilla.suse.com/show_bug.cgi?id=1234464 * https://bugzilla.suse.com/show_bug.cgi?id=1234605 * https://bugzilla.suse.com/show_bug.cgi?id=1234651 * https://bugzilla.suse.com/show_bug.cgi?id=1234652 * https://bugzilla.suse.com/show_bug.cgi?id=1234654 * https://bugzilla.suse.com/show_bug.cgi?id=1234655 * https://bugzilla.suse.com/show_bug.cgi?id=1234657 * https://bugzilla.suse.com/show_bug.cgi?id=1234658 * https://bugzilla.suse.com/show_bug.cgi?id=1234659 * https://bugzilla.suse.com/show_bug.cgi?id=1234668 * https://bugzilla.suse.com/show_bug.cgi?id=1234690 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234725 * https://bugzilla.suse.com/show_bug.cgi?id=1234726 * https://bugzilla.suse.com/show_bug.cgi?id=1234810 * https://bugzilla.suse.com/show_bug.cgi?id=1234811 * https://bugzilla.suse.com/show_bug.cgi?id=1234826 * https://bugzilla.suse.com/show_bug.cgi?id=1234827 * https://bugzilla.suse.com/show_bug.cgi?id=1234829 * https://bugzilla.suse.com/show_bug.cgi?id=1234832 * https://bugzilla.suse.com/show_bug.cgi?id=1234834 * https://bugzilla.suse.com/show_bug.cgi?id=1234843 * https://bugzilla.suse.com/show_bug.cgi?id=1234846 * https://bugzilla.suse.com/show_bug.cgi?id=1234848 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234855 * https://bugzilla.suse.com/show_bug.cgi?id=1234856 * https://bugzilla.suse.com/show_bug.cgi?id=1234884 * https://bugzilla.suse.com/show_bug.cgi?id=1234889 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234899 * https://bugzilla.suse.com/show_bug.cgi?id=1234900 * https://bugzilla.suse.com/show_bug.cgi?id=1234905 * https://bugzilla.suse.com/show_bug.cgi?id=1234907 * https://bugzilla.suse.com/show_bug.cgi?id=1234909 * https://bugzilla.suse.com/show_bug.cgi?id=1234911 * https://bugzilla.suse.com/show_bug.cgi?id=1234912 * https://bugzilla.suse.com/show_bug.cgi?id=1234916 * https://bugzilla.suse.com/show_bug.cgi?id=1234918 * https://bugzilla.suse.com/show_bug.cgi?id=1234920 * https://bugzilla.suse.com/show_bug.cgi?id=1234921 * https://bugzilla.suse.com/show_bug.cgi?id=1234922 * https://bugzilla.suse.com/show_bug.cgi?id=1234929 * https://bugzilla.suse.com/show_bug.cgi?id=1234930 * https://bugzilla.suse.com/show_bug.cgi?id=1234937 * https://bugzilla.suse.com/show_bug.cgi?id=1234948 * https://bugzilla.suse.com/show_bug.cgi?id=1234950 * https://bugzilla.suse.com/show_bug.cgi?id=1234952 * https://bugzilla.suse.com/show_bug.cgi?id=1234960 * https://bugzilla.suse.com/show_bug.cgi?id=1234962 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1234968 * https://bugzilla.suse.com/show_bug.cgi?id=1234969 * https://bugzilla.suse.com/show_bug.cgi?id=1234970 * https://bugzilla.suse.com/show_bug.cgi?id=1234971 * https://bugzilla.suse.com/show_bug.cgi?id=1234973 * https://bugzilla.suse.com/show_bug.cgi?id=1234974 * https://bugzilla.suse.com/show_bug.cgi?id=1234989 * https://bugzilla.suse.com/show_bug.cgi?id=1234999 * https://bugzilla.suse.com/show_bug.cgi?id=1235002 * https://bugzilla.suse.com/show_bug.cgi?id=1235003 * https://bugzilla.suse.com/show_bug.cgi?id=1235004 * https://bugzilla.suse.com/show_bug.cgi?id=1235007 * https://bugzilla.suse.com/show_bug.cgi?id=1235009 * https://bugzilla.suse.com/show_bug.cgi?id=1235016 * https://bugzilla.suse.com/show_bug.cgi?id=1235019 * https://bugzilla.suse.com/show_bug.cgi?id=1235033 * https://bugzilla.suse.com/show_bug.cgi?id=1235045 * https://bugzilla.suse.com/show_bug.cgi?id=1235056 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235075 * https://bugzilla.suse.com/show_bug.cgi?id=1235108 * https://bugzilla.suse.com/show_bug.cgi?id=1235128 * https://bugzilla.suse.com/show_bug.cgi?id=1235134 * https://bugzilla.suse.com/show_bug.cgi?id=1235138 * https://bugzilla.suse.com/show_bug.cgi?id=1235246 * https://bugzilla.suse.com/show_bug.cgi?id=1235406 * https://bugzilla.suse.com/show_bug.cgi?id=1235409 * https://bugzilla.suse.com/show_bug.cgi?id=1235416 * https://bugzilla.suse.com/show_bug.cgi?id=1235507 * https://bugzilla.suse.com/show_bug.cgi?id=1235550 * https://jira.suse.com/browse/PED-10467 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Fri Jan 17 12:35:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 12:35:28 -0000 Subject: SUSE-SU-2025:0152-1: important: Security update for the Linux Kernel Message-ID: <173711732834.29714.13892200833227845481@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0152-1 Release Date: 2025-01-17T09:13:58Z Rating: important References: * bsc#1027565 * bsc#1056588 * bsc#1059525 * bsc#1202346 * bsc#1227985 * bsc#1234846 * bsc#1234853 * bsc#1234891 * bsc#1234963 * bsc#1235054 * bsc#1235056 * bsc#1235061 * bsc#1235073 * bsc#1235220 * bsc#1235224 Cross-References: * CVE-2017-1000253 * CVE-2017-14051 * CVE-2017-2636 * CVE-2022-20368 * CVE-2022-48839 * CVE-2024-53146 * CVE-2024-53156 * CVE-2024-53173 * CVE-2024-53239 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56598 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56619 CVSS scores: * CVE-2017-1000253 ( SUSE ): 8.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2017-1000253 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2017-1000253 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2017-1000253 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2017-14051 ( SUSE ): 6.4 CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2017-14051 ( NVD ): 4.4 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2017-2636 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2017-2636 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-20368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-20368 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48839 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56598 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56598 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56619 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56619 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Server 11 SP4
* SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE

An update that solves 15 vulnerabilities can now be installed.

## Description:

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2017-14051: scsi/qla2xxx: Fix an integer overflow in sysfs code. (bsc#1056588)
* CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).
* CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).
* CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).
* CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).
* CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).
* CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).
* CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220).
* CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
* CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).
* CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224).

The following non-security bugs were fixed:

* Enable CONFIG_FIRMWARE_SIG ()
* r8169: check ALDPS bit and disable it if enabled for the 8168g (bnc#845352).
* rpm/kernel-binary.spec.in: Remove obsolete ext4-writeable. Needs to be handled differently. (bnc#830822)

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
  zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-152=1
* SUSE Linux Enterprise Server 11 SP4
  zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-152=1

## Package List:

* SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (nosrc x86_64)
  * kernel-ec2-3.0.101-108.174.1
  * kernel-default-3.0.101-108.174.1
  * kernel-trace-3.0.101-108.174.1
  * kernel-xen-3.0.101-108.174.1
* SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (x86_64)
  * kernel-trace-devel-3.0.101-108.174.1
  * kernel-default-base-3.0.101-108.174.1
  * kernel-ec2-base-3.0.101-108.174.1
  * kernel-xen-devel-3.0.101-108.174.1
  * kernel-ec2-devel-3.0.101-108.174.1
  * kernel-default-devel-3.0.101-108.174.1
  * kernel-trace-base-3.0.101-108.174.1
  * kernel-source-3.0.101-108.174.1
  * kernel-syms-3.0.101-108.174.1
  * kernel-xen-base-3.0.101-108.174.1
* SUSE Linux Enterprise Server 11 SP4 (nosrc x86_64)
  * kernel-ec2-3.0.101-108.174.1
  * kernel-default-3.0.101-108.174.1
  * kernel-trace-3.0.101-108.174.1
  * kernel-xen-3.0.101-108.174.1
* SUSE Linux Enterprise Server 11 SP4 (x86_64)
  * kernel-trace-devel-3.0.101-108.174.1
  * kernel-default-base-3.0.101-108.174.1
  * kernel-ec2-base-3.0.101-108.174.1
  * kernel-xen-devel-3.0.101-108.174.1
  * kernel-ec2-devel-3.0.101-108.174.1
  * kernel-default-devel-3.0.101-108.174.1
  * kernel-trace-base-3.0.101-108.174.1
  * kernel-source-3.0.101-108.174.1
  * kernel-syms-3.0.101-108.174.1
  * kernel-xen-base-3.0.101-108.174.1

## References:

* https://www.suse.com/security/cve/CVE-2017-1000253.html
* https://www.suse.com/security/cve/CVE-2017-14051.html
* https://www.suse.com/security/cve/CVE-2017-2636.html
* https://www.suse.com/security/cve/CVE-2022-20368.html
* https://www.suse.com/security/cve/CVE-2022-48839.html
* https://www.suse.com/security/cve/CVE-2024-53146.html
* https://www.suse.com/security/cve/CVE-2024-53156.html
*
https://www.suse.com/security/cve/CVE-2024-53173.html
* https://www.suse.com/security/cve/CVE-2024-53239.html
* https://www.suse.com/security/cve/CVE-2024-56539.html
* https://www.suse.com/security/cve/CVE-2024-56548.html
* https://www.suse.com/security/cve/CVE-2024-56598.html
* https://www.suse.com/security/cve/CVE-2024-56604.html
* https://www.suse.com/security/cve/CVE-2024-56605.html
* https://www.suse.com/security/cve/CVE-2024-56619.html
* https://bugzilla.suse.com/show_bug.cgi?id=1027565
* https://bugzilla.suse.com/show_bug.cgi?id=1056588
* https://bugzilla.suse.com/show_bug.cgi?id=1059525
* https://bugzilla.suse.com/show_bug.cgi?id=1202346
* https://bugzilla.suse.com/show_bug.cgi?id=1227985
* https://bugzilla.suse.com/show_bug.cgi?id=1234846
* https://bugzilla.suse.com/show_bug.cgi?id=1234853
* https://bugzilla.suse.com/show_bug.cgi?id=1234891
* https://bugzilla.suse.com/show_bug.cgi?id=1234963
* https://bugzilla.suse.com/show_bug.cgi?id=1235054
* https://bugzilla.suse.com/show_bug.cgi?id=1235056
* https://bugzilla.suse.com/show_bug.cgi?id=1235061
* https://bugzilla.suse.com/show_bug.cgi?id=1235073
* https://bugzilla.suse.com/show_bug.cgi?id=1235220
* https://bugzilla.suse.com/show_bug.cgi?id=1235224
From null at suse.de Fri Jan 17 16:30:26 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 17 Jan 2025 16:30:26 -0000
Subject: SUSE-SU-2025:0164-1: important: Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)
Message-ID: <173713142637.14478.8586105501339345762@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0164-1
Release Date: 2025-01-17T15:33:33Z
Rating: important

References:

* bsc#1223363
* bsc#1223683
* bsc#1225011
* bsc#1225012
* bsc#1225013
* bsc#1225099
* bsc#1225309
* bsc#1225311
* bsc#1225312
* bsc#1225429
* bsc#1225733
* bsc#1225739
* bsc#1225819
* bsc#1226325
* bsc#1226327
* bsc#1227471
* bsc#1228573
* bsc#1228786
* bsc#1229273
* bsc#1229553
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2021-47517
* CVE-2021-47598
* CVE-2022-48956
* CVE-2023-52752
* CVE-2023-52846
* CVE-2024-26828
* CVE-2024-26923
* CVE-2024-27398
* CVE-2024-35861
* CVE-2024-35862
* CVE-2024-35863
* CVE-2024-35864
* CVE-2024-35867
* CVE-2024-35905
* CVE-2024-35949
* CVE-2024-36899
* CVE-2024-36904
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-41059
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26828 ( NVD ): 6.7
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 22 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_65 fixes several issues.

The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool (bsc#1225429).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
* CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2025-164=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-164=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-8-150500.11.6.1
  * kernel-livepatch-SLE15-SP5_Update_14-debugsource-8-150500.11.6.1
  * kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-8-150500.11.6.1
  * kernel-livepatch-SLE15-SP5_Update_14-debugsource-8-150500.11.6.1
  * kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47517.html
* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
*
https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225429 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * 
https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Fri Jan 17 16:31:07 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 17 Jan 2025 16:31:07 -0000
Subject: SUSE-SU-2025:0158-1: important: Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)
Message-ID: <173713146776.14478.16845221471508766737@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0158-1
Release Date: 2025-01-17T12:33:53Z
Rating: important

References:

* bsc#1219296
* bsc#1220145
* bsc#1220211
* bsc#1220828
* bsc#1220832
* bsc#1221302
* bsc#1222685
* bsc#1222882
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223521
* bsc#1223681
* bsc#1223683
* bsc#1225011
* bsc#1225012
* bsc#1225013
* bsc#1225099
* bsc#1225309
* bsc#1225310
* bsc#1225311
* bsc#1225312
* bsc#1225313
* bsc#1225429
* bsc#1225733
* bsc#1225739
* bsc#1225819
* bsc#1226325
* bsc#1226327
* bsc#1227471
* bsc#1228573
* bsc#1228786
* bsc#1229273
* bsc#1229553
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2021-47517
* CVE-2021-47598
* CVE-2022-48651
* CVE-2022-48662
* CVE-2022-48956
* CVE-2023-52340
* CVE-2023-52502
* CVE-2023-52752
* CVE-2023-52846
* CVE-2023-6546
* CVE-2024-23307
* CVE-2024-26585
* CVE-2024-26610
* CVE-2024-26622
* CVE-2024-26766
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930
* CVE-2024-27398
* CVE-2024-35817
* CVE-2024-35861
* CVE-2024-35862
* CVE-2024-35863
* CVE-2024-35864
* CVE-2024-35867
* CVE-2024-35905
* CVE-2024-35949
* CVE-2024-35950
* CVE-2024-36899
* CVE-2024-36904
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-41059
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2021-47598 ( SUSE ): 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52340 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 36 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_49 fixes several issues.

The following security issues were fixed:

* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool (bsc#1225429).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
* CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).
* CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521).
* CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
* CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832).
* CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220211).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).
* CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828).
* CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets ().
* CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219296).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-158=1
* openSUSE Leap 15.5
  zypper in -t patch SUSE-2025-158=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP5_Update_10-debugsource-12-150500.11.8.1
  * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-12-150500.11.8.1
  * kernel-livepatch-5_14_21-150500_55_49-default-12-150500.11.8.1
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP5_Update_10-debugsource-12-150500.11.8.1
  * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-12-150500.11.8.1
  * kernel-livepatch-5_14_21-150500_55_49-default-12-150500.11.8.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47517.html
* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48662.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2023-52340.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26585.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26622.html
* https://www.suse.com/security/cve/CVE-2024-26766.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35817.html
*
https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225313
* https://bugzilla.suse.com/show_bug.cgi?id=1225429
* https://bugzilla.suse.com/show_bug.cgi?id=1225733
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1226327
* https://bugzilla.suse.com/show_bug.cgi?id=1227471
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Fri Jan 17 16:31:12 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 17 Jan 2025 16:31:12 -0000
Subject: SUSE-SU-2025:0163-1: important: Security update for redis
Message-ID: <173713147277.14478.14094658677608357537@smelt2.prg2.suse.org>

# Security update for redis

Announcement ID: SUSE-SU-2025:0163-1
Release Date: 2025-01-17T14:40:03Z
Rating: important

References:

* bsc#1235386
* bsc#1235387

Cross-References:

* CVE-2024-46981
* CVE-2024-51741

CVSS scores:

* CVE-2024-46981 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46981 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46981 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-51741 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-51741 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-51741 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications
15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for redis fixes the following issues: * CVE-2024-51741: Fixed a bug where malformed ACL selectors can trigger a server panic when accessed. (bsc#1235386) * CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution. (bsc#1235387) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-163=1 openSUSE-SLE-15.6-2025-163=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-163=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * redis-7.2.4-150600.3.6.1 * redis-debuginfo-7.2.4-150600.3.6.1 * redis-debugsource-7.2.4-150600.3.6.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * redis-7.2.4-150600.3.6.1 * redis-debuginfo-7.2.4-150600.3.6.1 * redis-debugsource-7.2.4-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46981.html * https://www.suse.com/security/cve/CVE-2024-51741.html * https://bugzilla.suse.com/show_bug.cgi?id=1235386 * https://bugzilla.suse.com/show_bug.cgi?id=1235387
From null at suse.de Fri Jan 17 16:31:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 16:31:16 -0000 Subject: SUSE-SU-2025:0162-1: important: Security update for redis Message-ID: <173713147624.14478.15162293646480062293@smelt2.prg2.suse.org> # Security update for redis Announcement ID: SUSE-SU-2025:0162-1 Release Date: 2025-01-17T14:39:48Z Rating: important References: * bsc#1235387 Cross-References: * CVE-2024-46981 CVSS scores: * CVE-2024-46981 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46981 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46981 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for redis fixes the following issues: * CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution. (bsc#1235387) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-162=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-162=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-162=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-162=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-162=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-162=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-162=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-162=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-162=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-162=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-162=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-162=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise High Performance 
Computing ESPOS 15 SP5 (aarch64 x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Manager Proxy 4.3 (x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46981.html * https://bugzilla.suse.com/show_bug.cgi?id=1235387
From null at suse.de Fri Jan 17 16:31:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 16:31:19 -0000 Subject: SUSE-SU-2025:0161-1: important: Security update for redis7 Message-ID: <173713147980.14478.5173327802918695054@smelt2.prg2.suse.org> # Security update for redis7 Announcement ID: SUSE-SU-2025:0161-1 Release Date: 2025-01-17T14:38:51Z Rating: important References: * bsc#1235386 * bsc#1235387 Cross-References: * CVE-2024-46981 * CVE-2024-51741 CVSS scores: * CVE-2024-46981 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46981 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46981 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-51741 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-51741 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-51741 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for redis7 fixes the following issues: * CVE-2024-51741: Fixed a bug where malformed ACL selectors can trigger a server panic when accessed. (bsc#1235386) * CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution. (bsc#1235387) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-161=1 openSUSE-SLE-15.6-2025-161=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-161=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * redis7-debuginfo-7.0.8-150600.8.6.1 * redis7-debugsource-7.0.8-150600.8.6.1 * redis7-7.0.8-150600.8.6.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * redis7-debuginfo-7.0.8-150600.8.6.1 * redis7-debugsource-7.0.8-150600.8.6.1 * redis7-7.0.8-150600.8.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46981.html * https://www.suse.com/security/cve/CVE-2024-51741.html * https://bugzilla.suse.com/show_bug.cgi?id=1235386 * https://bugzilla.suse.com/show_bug.cgi?id=1235387 From null at suse.de Fri Jan 17 16:31:24 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 16:31:24 -0000 Subject: SUSE-SU-2025:0160-1: important: Security update for redis7 Message-ID: <173713148410.14478.4576652712453954430@smelt2.prg2.suse.org> # Security update for redis7 Announcement ID: SUSE-SU-2025:0160-1 Release Date: 2025-01-17T14:38:37Z Rating: important References: * bsc#1235386 * bsc#1235387 Cross-References: * CVE-2024-46981 * CVE-2024-51741 CVSS scores: * CVE-2024-46981 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46981 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46981 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-51741 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-51741 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-51741 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 
15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for redis7 fixes the following issues: * CVE-2024-51741: Fixed a bug where malformed ACL selectors can trigger a server panic when accessed. (bsc#1235386) * CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution. (bsc#1235387) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-160=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-160=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-160=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-160=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-160=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * redis7-debuginfo-7.0.8-150500.3.15.1 * redis7-7.0.8-150500.3.15.1 * redis7-debugsource-7.0.8-150500.3.15.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * redis7-debuginfo-7.0.8-150500.3.15.1 * redis7-7.0.8-150500.3.15.1 * redis7-debugsource-7.0.8-150500.3.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * redis7-debuginfo-7.0.8-150500.3.15.1 * redis7-7.0.8-150500.3.15.1 * redis7-debugsource-7.0.8-150500.3.15.1 * SUSE Linux Enterprise 
Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * redis7-debuginfo-7.0.8-150500.3.15.1 * redis7-7.0.8-150500.3.15.1 * redis7-debugsource-7.0.8-150500.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * redis7-debuginfo-7.0.8-150500.3.15.1 * redis7-7.0.8-150500.3.15.1 * redis7-debugsource-7.0.8-150500.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46981.html * https://www.suse.com/security/cve/CVE-2024-51741.html * https://bugzilla.suse.com/show_bug.cgi?id=1235386 * https://bugzilla.suse.com/show_bug.cgi?id=1235387 From null at suse.de Fri Jan 17 16:31:32 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 16:31:32 -0000 Subject: SUSE-SU-2025:0157-1: important: Security update for rsync Message-ID: <173713149292.14478.16411449319770862348@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0157-1 Release Date: 2025-01-17T11:59:45Z Rating: important References: * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 * bsc#1235475 * bsc#1235895 Cross-References: * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 * CVE-2024-12747 CVSS scores: * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * 
CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12747 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-12747 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-12747 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for rsync fixes the following issues: * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) * CVE-2024-12747: Fixed a race condition in rsync handling symbolic links. (bsc#1235475) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-157=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-157=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-157=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-157=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-157=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-157=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-157=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * rsync-debuginfo-3.2.3-150000.4.33.1 * rsync-3.2.3-150000.4.33.1 * rsync-debugsource-3.2.3-150000.4.33.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * rsync-debuginfo-3.2.3-150000.4.33.1 * rsync-3.2.3-150000.4.33.1 * rsync-debugsource-3.2.3-150000.4.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * rsync-debuginfo-3.2.3-150000.4.33.1 * rsync-3.2.3-150000.4.33.1 * rsync-debugsource-3.2.3-150000.4.33.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * rsync-debuginfo-3.2.3-150000.4.33.1 * rsync-3.2.3-150000.4.33.1 * rsync-debugsource-3.2.3-150000.4.33.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * rsync-debuginfo-3.2.3-150000.4.33.1 * rsync-3.2.3-150000.4.33.1 * rsync-debugsource-3.2.3-150000.4.33.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * rsync-debuginfo-3.2.3-150000.4.33.1 * rsync-3.2.3-150000.4.33.1 * rsync-debugsource-3.2.3-150000.4.33.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * rsync-debuginfo-3.2.3-150000.4.33.1 * rsync-3.2.3-150000.4.33.1 * rsync-debugsource-3.2.3-150000.4.33.1 ## References: 
* https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://www.suse.com/security/cve/CVE-2024-12747.html * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104 * https://bugzilla.suse.com/show_bug.cgi?id=1235475 * https://bugzilla.suse.com/show_bug.cgi?id=1235895 From null at suse.de Fri Jan 17 16:31:39 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 16:31:39 -0000 Subject: SUSE-SU-2025:0156-1: important: Security update for rsync Message-ID: <173713149904.14478.12773866743672391843@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0156-1 Release Date: 2025-01-17T11:59:13Z Rating: important References: * bsc#1234100 * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 * bsc#1235475 * bsc#1235895 Cross-References: * CVE-2024-12084 * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 * CVE-2024-12747 CVSS scores: * CVE-2024-12084 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12084 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-12084 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12747 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-12747 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-12747 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for rsync fixes the following issues: * CVE-2024-12084: heap buffer overflow in checksum parsing. (bsc#1234100) * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) * CVE-2024-12747: race condition in rsync handling symbolic links (bsc#1235475) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-156=1 openSUSE-SLE-15.6-2025-156=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-156=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * rsync-debuginfo-3.2.7-150600.3.8.1 * rsync-debugsource-3.2.7-150600.3.8.1 * rsync-3.2.7-150600.3.8.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * rsync-debuginfo-3.2.7-150600.3.8.1 * rsync-debugsource-3.2.7-150600.3.8.1 * rsync-3.2.7-150600.3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12084.html * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://www.suse.com/security/cve/CVE-2024-12747.html * https://bugzilla.suse.com/show_bug.cgi?id=1234100 * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104 * https://bugzilla.suse.com/show_bug.cgi?id=1235475 * https://bugzilla.suse.com/show_bug.cgi?id=1235895
From null at suse.de Fri Jan 17 20:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 20:30:08 -0000 Subject: SUSE-SU-2025:0179-1: important: Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6) Message-ID: <173714580853.29714.16019840967432234440@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0179-1 Release Date: 2025-01-17T19:33:43Z Rating: important References: * bsc#1225819 * bsc#1233712 Cross-References: * CVE-2023-52752 * CVE-2024-50264 CVSS scores: * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_22 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-179=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-179=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_4-debugsource-3-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_22-default-3-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-3-150600.13.6.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_4-debugsource-3-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_22-default-3-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-3-150600.13.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Fri Jan 17 20:30:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 20:30:13 -0000 Subject: SUSE-SU-2025:0177-1: important: Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5) Message-ID: <173714581384.29714.2297902187028635703@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0177-1 Release Date: 2025-01-17T19:33:28Z Rating: important References: * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2022-48956 * CVE-2024-50264 CVSS scores: * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_83 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-174=1 SUSE-SLE-Module-Live-Patching-15-SP5-2025-175=1 SUSE-SLE-Module-Live-Patching-15-SP5-2025-176=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-175=1 SUSE-2025-176=1 SUSE-2025-174=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-177=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_8-debugsource-15-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_19-debugsource-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_83-default-2-150500.11.6.1 * kernel-livepatch-SLE15-SP5_Update_20-debugsource-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_39-default-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-2-150500.11.6.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_8-debugsource-15-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_19-debugsource-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_83-default-2-150500.11.6.1 * kernel-livepatch-SLE15-SP5_Update_20-debugsource-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_39-default-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-2-150500.11.6.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_228-default-2-8.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48956.html * 
https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 From null at suse.de Fri Jan 17 20:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 20:30:16 -0000 Subject: SUSE-SU-2025:0173-1: important: Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6) Message-ID: <173714581637.29714.13883551567190808906@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0173-1 Release Date: 2025-01-17T19:33:35Z Rating: important References: * bsc#1233712 Cross-References: * CVE-2024-50264 CVSS scores: * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_21 fixes one issue. The following security issue was fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-173=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-178=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-178=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_234-default-2-8.6.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_0-debugsource-8-150600.4.16.1 * kernel-livepatch-6_4_0-150600_21-default-debuginfo-8-150600.4.16.1 * kernel-livepatch-6_4_0-150600_21-default-8-150600.4.16.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_0-debugsource-8-150600.4.16.1 * kernel-livepatch-6_4_0-150600_21-default-debuginfo-8-150600.4.16.1 * kernel-livepatch-6_4_0-150600_21-default-8-150600.4.16.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1233712 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Fri Jan 17 20:30:22 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 20:30:22 -0000 Subject: SUSE-SU-2025:0172-1: important: Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4) Message-ID: <173714582202.29714.14737239290335769291@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0172-1 Release Date: 2025-01-17T17:33:31Z Rating: important References: * bsc#1229553 * bsc#1231353 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2022-48956 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_128 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). 
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-172=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-172=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_128-default-3-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-3-150400.9.6.1 * kernel-livepatch-SLE15-SP4_Update_29-debugsource-3-150400.9.6.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_128-default-3-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-3-150400.9.6.1 * kernel-livepatch-SLE15-SP4_Update_29-debugsource-3-150400.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1231353 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Fri Jan 17 20:30:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 20:30:28 -0000 Subject: SUSE-SU-2025:0168-1: important: Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) Message-ID: <173714582895.29714.6242002747050944609@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0168-1 Release Date: 2025-01-17T17:03:51Z Rating: important References: * bsc#1225819 * bsc#1228349 * bsc#1228786 * bsc#1229273 * bsc#1229553 * bsc#1233712 Cross-References: * CVE-2023-52752 * CVE-2024-35949 * CVE-2024-40909 * CVE-2024-40954 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves six vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_17 fixes several issues. 
The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-168=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-168=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-6-150600.13.6.1 * kernel-livepatch-SLE15-SP6_Update_3-debugsource-6-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_17-default-6-150600.13.6.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-6-150600.13.6.1 * kernel-livepatch-SLE15-SP6_Update_3-debugsource-6-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_17-default-6-150600.13.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-40909.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1228349 * 
https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 From null at suse.de Fri Jan 17 20:30:39 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 20:30:39 -0000 Subject: SUSE-SU-2025:0167-1: important: Security update for pam_u2f Message-ID: <173714583929.29714.2557224241297737139@smelt2.prg2.suse.org> # Security update for pam_u2f Announcement ID: SUSE-SU-2025:0167-1 Release Date: 2025-01-17T16:09:57Z Rating: important References: * bsc#1233517 * bsc#1235961 Cross-References: * CVE-2025-23013 CVSS scores: * CVE-2025-23013 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-23013 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-23013 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for pam_u2f fixes the following issues: * CVE-2025-23013: Fixed problematic PAM_IGNORE return values in `pam_sm_authenticate()` (bsc#1233517) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-167=1 openSUSE-SLE-15.6-2025-167=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-167=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * pam_u2f-debugsource-1.2.0-150600.10.5.1 * pam_u2f-1.2.0-150600.10.5.1 * pam_u2f-debuginfo-1.2.0-150600.10.5.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * pam_u2f-debugsource-1.2.0-150600.10.5.1 * pam_u2f-1.2.0-150600.10.5.1 * pam_u2f-debuginfo-1.2.0-150600.10.5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-23013.html * https://bugzilla.suse.com/show_bug.cgi?id=1233517 * https://bugzilla.suse.com/show_bug.cgi?id=1235961 From null at suse.de Fri Jan 17 20:30:45 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 20:30:45 -0000 Subject: SUSE-SU-2025:0166-1: important: Security update for rsync Message-ID: <173714584594.29714.18182478773690098967@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0166-1 Release Date: 2025-01-17T16:09:46Z Rating: important References: * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 * bsc#1235475 * bsc#1235895 Cross-References: * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 * CVE-2024-12747 CVSS scores: * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12747 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-12747 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-12747 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for rsync fixes the following issues: * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) * CVE-2024-12747: Fixed a race condition in handling symbolic links. (bsc#1235475) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-166=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-166=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * rsync-debuginfo-3.1.3-3.22.1 * rsync-debugsource-3.1.3-3.22.1 * rsync-3.1.3-3.22.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * rsync-debuginfo-3.1.3-3.22.1 * rsync-debugsource-3.1.3-3.22.1 * rsync-3.1.3-3.22.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://www.suse.com/security/cve/CVE-2024-12747.html * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104 * https://bugzilla.suse.com/show_bug.cgi?id=1235475 * https://bugzilla.suse.com/show_bug.cgi?id=1235895 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Fri Jan 17 20:30:53 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 Jan 2025 20:30:53 -0000 Subject: SUSE-SU-2025:0165-1: important: Security update for rsync Message-ID: <173714585319.29714.6215632394838181046@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0165-1 Release Date: 2025-01-17T16:09:35Z Rating: important References: * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 * bsc#1235475 * bsc#1235895 Cross-References: * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 * CVE-2024-12747 CVSS scores: * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12747 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-12747 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-12747 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE 
Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for rsync fixes the following issues: * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) * CVE-2024-12747: Fixed a race condition in rsync handling symbolic links. (bsc#1235475) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-165=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-165=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-165=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-165=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-165=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-165=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-165=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-165=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-165=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-165=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-165=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-165=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-165=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-165=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-165=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-165=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-165=1 ## Package List: * SUSE Manager Retail Branch Server 4.3 (x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 *
rsync-3.2.3-150400.3.17.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le 
s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Manager Proxy 4.3 (x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://www.suse.com/security/cve/CVE-2024-12747.html * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104 * https://bugzilla.suse.com/show_bug.cgi?id=1235475 * https://bugzilla.suse.com/show_bug.cgi?id=1235895 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jan 20 08:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 Jan 2025 08:30:16 -0000 Subject: SUSE-SU-2025:0188-1: important: Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6) Message-ID: <173736181688.29410.15331312189196216581@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0188-1 Release Date: 2025-01-18T02:04:11Z Rating: important References: * bsc#1225819 * bsc#1228349 * bsc#1228786 * bsc#1229273 * bsc#1229553 * bsc#1231419 * bsc#1233712 Cross-References: * CVE-2023-52752 * CVE-2024-35949 * CVE-2024-40909 * CVE-2024-40954 * CVE-2024-42133 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42133 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42133 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise 
Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves seven vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_14 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG (bsc#1231419). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-188=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-188=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-6-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_14-default-6-150600.13.6.1 * kernel-livepatch-SLE15-SP6_Update_2-debugsource-6-150600.13.6.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-6-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_14-default-6-150600.13.6.1 * kernel-livepatch-SLE15-SP6_Update_2-debugsource-6-150600.13.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-40909.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-42133.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1228349 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1231419 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jan 20 08:30:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 Jan 2025 08:30:25 -0000 Subject: SUSE-SU-2025:0187-1: important: Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6) Message-ID: <173736182506.29410.2895206522001215054@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0187-1 Release Date: 2025-01-18T02:03:59Z Rating: important References: * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1228786 * bsc#1229273 * bsc#1229553 * bsc#1231419 * bsc#1233712 Cross-References: * CVE-2023-52752 * CVE-2024-35949 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-40954 * CVE-2024-42133 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42133 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42133 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 
Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves eight vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_7 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG (bsc#1231419). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-187=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-187=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-6-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_7-default-6-150600.13.6.1 * kernel-livepatch-SLE15-SP6_Update_1-debugsource-6-150600.13.6.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-6-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_7-default-6-150600.13.6.1 * kernel-livepatch-SLE15-SP6_Update_1-debugsource-6-150600.13.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-42133.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1231419 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jan 20 08:30:29 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 Jan 2025 08:30:29 -0000 Subject: SUSE-SU-2025:0185-1: important: Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4) Message-ID: <173736182955.29410.2012153611607038724@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0185-1 Release Date: 2025-01-17T22:13:28Z Rating: important References: * bsc#1231353 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2022-48956 * CVE-2024-50264 CVSS scores: * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_136 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-186=1 SUSE-SLE-Module-Live-Patching-15-SP4-2025-185=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-185=1 SUSE-2025-186=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_133-default-2-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-2-150400.9.6.1 * kernel-livepatch-SLE15-SP4_Update_31-debugsource-2-150400.9.6.1 * kernel-livepatch-SLE15-SP4_Update_32-debugsource-2-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-2-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_136-default-2-150400.9.6.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_133-default-2-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-2-150400.9.6.1 * kernel-livepatch-SLE15-SP4_Update_31-debugsource-2-150400.9.6.1 * kernel-livepatch-SLE15-SP4_Update_32-debugsource-2-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-2-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_136-default-2-150400.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1231353 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712
URL: From null at suse.de Mon Jan 20 08:30:32 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 Jan 2025 08:30:32 -0000 Subject: SUSE-SU-2025:0184-1: important: Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6) Message-ID: <173736183295.29410.16225209024398203531@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0184-1 Release Date: 2025-01-18T13:04:03Z Rating: important References: * bsc#1233712 Cross-References: * CVE-2024-50264 CVSS scores: * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_25 fixes one issue. The following security issue was fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). 
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-184=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-184=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-190=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-190=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-189=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-189=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_182-default-2-150300.7.6.1 * kernel-livepatch-SLE15-SP3_Update_50-debugsource-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_182-default-debuginfo-2-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_182-preempt-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_182-preempt-debuginfo-2-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_182-default-2-150300.7.6.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-2-150400.9.8.1 * kernel-livepatch-SLE15-SP4_Update_33-debugsource-2-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_141-default-2-150400.9.8.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-2-150400.9.8.1 * kernel-livepatch-SLE15-SP4_Update_33-debugsource-2-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_141-default-2-150400.9.8.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-2-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_25-default-2-150600.13.6.1 * 
kernel-livepatch-SLE15-SP6_Update_5-debugsource-2-150600.13.6.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-2-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_25-default-2-150600.13.6.1 * kernel-livepatch-SLE15-SP6_Update_5-debugsource-2-150600.13.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1233712 From null at suse.de Mon Jan 20 08:30:37 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 Jan 2025 08:30:37 -0000 Subject: SUSE-SU-2025:0181-1: important: Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5) Message-ID: <173736183790.29410.2778464852356487412@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0181-1 Release Date: 2025-01-17T20:03:47Z Rating: important References: * bsc#1225429 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47517 * CVE-2022-48956 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * 
SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_73 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool (bsc#1225429). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-181=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-181=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_17-debugsource-3-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-3-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_73-default-3-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-3-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_73-default-3-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le x86_64) * kernel-livepatch-SLE15-SP5_Update_17-debugsource-3-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47517.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1225429 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * 
https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 From null at suse.de Mon Jan 20 08:30:42 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 Jan 2025 08:30:42 -0000 Subject: SUSE-SU-2025:0180-1: important: Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3) Message-ID: <173736184212.29410.9966769575991092141@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0180-1 Release Date: 2025-01-17T21:13:45Z Rating: important References: * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2022-48956 * CVE-2024-50264 CVSS scores: * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_179 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). 
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-180=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-182=1 SUSE-2025-183=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-182=1 SUSE-SLE-Module-Live-Patching-15-SP3-2025-183=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_231-default-2-8.6.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_49-debugsource-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_174-default-debuginfo-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_179-default-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_174-default-2-150300.7.6.1 * kernel-livepatch-SLE15-SP3_Update_48-debugsource-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-2-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_174-preempt-debuginfo-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_179-preempt-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_174-preempt-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_179-preempt-debuginfo-2-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_174-default-2-150300.7.6.1 * kernel-livepatch-SLE15-SP3_Update_49-debugsource-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_179-default-2-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2024-50264.html * 
https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 From null at suse.de Mon Jan 20 08:30:44 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 Jan 2025 08:30:44 -0000 Subject: SUSE-SU-2025:0191-1: important: Security update for amazon-ssm-agent Message-ID: <173736184443.29410.1584225460971910005@smelt2.prg2.suse.org> # Security update for amazon-ssm-agent Announcement ID: SUSE-SU-2025:0191-1 Release Date: 2025-01-20T06:49:22Z Rating: important References: * bsc#1235575 Cross-References: * CVE-2025-21613 CVSS scores: * CVE-2025-21613 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21613 ( NVD ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear * CVE-2025-21613 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. 
## Description: This update for amazon-ssm-agent fixes the following issues: Update to version 3.3.1611.0: * CVE-2025-21613: Fixed argument injection via the URL field in github.com/go-git/go-git/v5 (bsc#1235575) Full changelog: https://github.com/aws/amazon-ssm-agent/compare/3.1.1260.0...3.3.1611.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-191=1 ## Package List: * Public Cloud Module 12 (aarch64 x86_64) * amazon-ssm-agent-3.3.1611.0-4.36.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21613.html * https://bugzilla.suse.com/show_bug.cgi?id=1235575 From null at suse.de Mon Jan 20 12:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 Jan 2025 12:30:08 -0000 Subject: SUSE-SU-2025:0192-1: important: Security update for pam_u2f Message-ID: <173737620814.15706.4184963677591129360@smelt2.prg2.suse.org> # Security update for pam_u2f Announcement ID: SUSE-SU-2025:0192-1 Release Date: 2025-01-20T09:04:10Z Rating: important References: * bsc#1233517 Cross-References: * CVE-2025-23013 CVSS scores: * CVE-2025-23013 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-23013 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-23013 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance 
Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for pam_u2f fixes the following issues: * CVE-2025-23013: Fixed problematic PAM_IGNORE return values in `pam_sm_authenticate()` (bsc#1233517) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-192=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-192=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-192=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-192=1 ## Package List: * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * pam_u2f-debuginfo-1.0.8-150000.3.6.1 * pam_u2f-debugsource-1.0.8-150000.3.6.1 * pam_u2f-1.0.8-150000.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * pam_u2f-debuginfo-1.0.8-150000.3.6.1 * pam_u2f-debugsource-1.0.8-150000.3.6.1 * pam_u2f-1.0.8-150000.3.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * pam_u2f-debuginfo-1.0.8-150000.3.6.1 * pam_u2f-debugsource-1.0.8-150000.3.6.1 * pam_u2f-1.0.8-150000.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * pam_u2f-debuginfo-1.0.8-150000.3.6.1 * pam_u2f-debugsource-1.0.8-150000.3.6.1 * pam_u2f-1.0.8-150000.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-23013.html * https://bugzilla.suse.com/show_bug.cgi?id=1233517 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jan 20 16:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 Jan 2025 16:30:07 -0000 Subject: SUSE-SU-2025:0194-1: important: Security update for libqt5-qtwebkit Message-ID: <173739060764.6933.12173306366010880935@smelt2.prg2.suse.org> # Security update for libqt5-qtwebkit Announcement ID: SUSE-SU-2025:0194-1 Release Date: 2025-01-20T13:26:29Z Rating: important References: * bsc#1228693 Cross-References: * CVE-2024-40779 CVSS scores: * CVE-2024-40779 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40779 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libqt5-qtwebkit fixes the following issues: * CVE-2024-40779: Fixed heap buffer overflow in computeSampleUsingLinearInterpolation (bsc#1228693) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-194=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-194=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * libQt5WebKitWidgets-private-headers-devel-5.6.2-3.3.1 * libQt5WebKit-private-headers-devel-5.6.2-3.3.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libQt5WebKit5-imports-5.6.2-3.3.1 * libQt5WebKitWidgets-devel-5.6.2-3.3.1 * libqt5-qtwebkit-debugsource-5.6.2-3.3.1 * libQt5WebKitWidgets5-5.6.2-3.3.1 * libQt5WebKit5-5.6.2-3.3.1 * libQt5WebKitWidgets5-debuginfo-5.6.2-3.3.1 * libQt5WebKit5-devel-5.6.2-3.3.1 * libQt5WebKit5-debuginfo-5.6.2-3.3.1 * libQt5WebKit5-imports-debuginfo-5.6.2-3.3.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * libQt5WebKitWidgets-private-headers-devel-5.6.2-3.3.1 * libQt5WebKit-private-headers-devel-5.6.2-3.3.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libQt5WebKit5-imports-5.6.2-3.3.1 * libQt5WebKitWidgets-devel-5.6.2-3.3.1 * libqt5-qtwebkit-debugsource-5.6.2-3.3.1 * libQt5WebKitWidgets5-5.6.2-3.3.1 * libQt5WebKit5-5.6.2-3.3.1 * libQt5WebKitWidgets5-debuginfo-5.6.2-3.3.1 * libQt5WebKit5-devel-5.6.2-3.3.1 * libQt5WebKit5-debuginfo-5.6.2-3.3.1 * libQt5WebKit5-imports-debuginfo-5.6.2-3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40779.html * https://bugzilla.suse.com/show_bug.cgi?id=1228693 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Jan 21 12:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 Jan 2025 12:30:08 -0000 Subject: SUSE-SU-2025:0198-1: important: Security update for pam_u2f Message-ID: <173746260846.6933.2433340741438331095@smelt2.prg2.suse.org> # Security update for pam_u2f Announcement ID: SUSE-SU-2025:0198-1 Release Date: 2025-01-21T10:10:14Z Rating: important References: * bsc#1233517 * bsc#1235961 Cross-References: * CVE-2025-23013 CVSS scores: * CVE-2025-23013 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-23013 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-23013 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for pam_u2f fixes the following issues: * CVE-2025-23013: Fixed problematic PAM_IGNORE return values in `pam_sm_authenticate()` (bsc#1233517) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-198=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-198=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * pam_u2f-1.0.8-3.6.1 * pam_u2f-debugsource-1.0.8-3.6.1 * pam_u2f-debuginfo-1.0.8-3.6.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * pam_u2f-1.0.8-3.6.1 * pam_u2f-debugsource-1.0.8-3.6.1 * pam_u2f-debuginfo-1.0.8-3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-23013.html * https://bugzilla.suse.com/show_bug.cgi?id=1233517 * https://bugzilla.suse.com/show_bug.cgi?id=1235961 From null at suse.de Tue Jan 21 12:30:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 Jan 2025 12:30:19 -0000 Subject: SUSE-SU-2025:0197-1: important: Security update for git Message-ID: <173746261979.6933.5224452917187603367@smelt2.prg2.suse.org> # Security update for git Announcement ID: SUSE-SU-2025:0197-1 Release Date: 2025-01-21T10:03:39Z Rating: important References: * bsc#1224168 * bsc#1224170 * bsc#1224171 * bsc#1224172 * bsc#1224173 * bsc#1235600 * bsc#1235601 Cross-References: * CVE-2024-32002 * CVE-2024-32004 * CVE-2024-32020 * CVE-2024-32021 * CVE-2024-32465 * CVE-2024-50349 * CVE-2024-52006 CVSS scores: * CVE-2024-32002 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-32002 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32004 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32020 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32021 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32465 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * 
CVE-2024-50349 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-50349 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-52006 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-52006 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves seven vulnerabilities can now be installed. ## Description: This update for git fixes the following issues: * CVE-2024-32002: Fix recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion. (bsc#1224168) * CVE-2024-32004: Fixed arbitrary code execution during local clones. (bsc#1224170) * CVE-2024-32020: Fix file overwriting vulnerability during local clones. (bsc#1224171) * CVE-2024-32021: Git may create hardlinks to arbitrary user-readable files. (bsc#1224172) * CVE-2024-32465: Fixed arbitrary code execution during clone operations. (bsc#1224173) * CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites (bsc#1235600). * CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers (bsc#1235601). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-197=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-197=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * git-daemon-debuginfo-2.26.2-27.78.1 * git-debugsource-2.26.2-27.78.1 * git-svn-2.26.2-27.78.1 * git-daemon-2.26.2-27.78.1 * git-core-2.26.2-27.78.1 * git-2.26.2-27.78.1 * git-email-2.26.2-27.78.1 * git-cvs-2.26.2-27.78.1 * git-core-debuginfo-2.26.2-27.78.1 * git-web-2.26.2-27.78.1 * gitk-2.26.2-27.78.1 * git-gui-2.26.2-27.78.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * git-daemon-debuginfo-2.26.2-27.78.1 * git-debugsource-2.26.2-27.78.1 * git-svn-2.26.2-27.78.1 * git-daemon-2.26.2-27.78.1 * git-core-2.26.2-27.78.1 * git-2.26.2-27.78.1 * git-email-2.26.2-27.78.1 * git-cvs-2.26.2-27.78.1 * git-core-debuginfo-2.26.2-27.78.1 * git-web-2.26.2-27.78.1 * gitk-2.26.2-27.78.1 * git-gui-2.26.2-27.78.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32002.html * https://www.suse.com/security/cve/CVE-2024-32004.html * https://www.suse.com/security/cve/CVE-2024-32020.html * https://www.suse.com/security/cve/CVE-2024-32021.html * https://www.suse.com/security/cve/CVE-2024-32465.html * https://www.suse.com/security/cve/CVE-2024-50349.html * https://www.suse.com/security/cve/CVE-2024-52006.html * https://bugzilla.suse.com/show_bug.cgi?id=1224168 * https://bugzilla.suse.com/show_bug.cgi?id=1224170 * https://bugzilla.suse.com/show_bug.cgi?id=1224171 * https://bugzilla.suse.com/show_bug.cgi?id=1224172 * https://bugzilla.suse.com/show_bug.cgi?id=1224173 * https://bugzilla.suse.com/show_bug.cgi?id=1235600 * https://bugzilla.suse.com/show_bug.cgi?id=1235601
From null at suse.de Tue Jan 21 12:30:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 Jan 2025 12:30:25 -0000 Subject: SUSE-SU-2025:0196-1: moderate: Security update for dhcp Message-ID: <173746262538.6933.16681706174298027191@smelt2.prg2.suse.org> # Security update for dhcp Announcement ID: SUSE-SU-2025:0196-1 Release Date: 2025-01-21T08:35:24Z Rating: moderate References: * bsc#1192020 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one security fix can now be installed. 
## Description: This update for dhcp fixes the following issues: * Fixed dhcp not starting in case group nogroup is missing (bsc#1192020) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-196=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-196=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-196=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-196=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-196=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-196=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-196=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-196=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-196=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-196=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-196=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-196=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-196=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-196=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch 
SUSE-SLE-Product-SLES_SAP-15-SP5-2025-196=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-196=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-196=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-196=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-196=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-doc-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Micro 5.5 (aarch64) * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * 
dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * 
SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * 
dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Manager Proxy 4.3 (x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * 
dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1192020
From null at suse.de Tue Jan 21 16:33:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 Jan 2025 16:33:09 -0000 Subject: SUSE-SU-2025:0208-1: important: Security update for nvidia-open-driver-G06-signed Message-ID: <173747718973.28678.944085336788163320@smelt2.prg2.suse.org> # Security update for nvidia-open-driver-G06-signed Announcement ID: SUSE-SU-2025:0208-1 Release Date: 2025-01-21T14:44:38Z Rating: important References: * bsc#1235461 * bsc#1235871 Cross-References: * CVE-2024-0131 * CVE-2024-0147 * CVE-2024-0149 * CVE-2024-0150 * CVE-2024-53869 CVSS scores: * CVE-2024-0131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-0147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0149 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-53869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for nvidia-open-driver-G06-signed fixes the following issues: * Update to 550.144.03 (bsc#1235461, bsc#1235871) * fixes CVE-2024-0131, CVE-2024-0147, CVE-2024-0149, CVE-2024-0150, CVE-2024-53869 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-208=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-208=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-208=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-208=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-208=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-208=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-208=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * nvidia-open-driver-G06-signed-cuda-kmp-azure-565.57.01_k5.14.21_150500.31-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-565.57.01_k5.14.21_150500.31-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-azure-devel-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-550.144.03_k5.14.21_150500.31-150500.3.70.2 * nvidia-open-driver-G06-signed-azure-devel-550.144.03-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-azure-550.144.03_k5.14.21_150500.31-150500.3.70.2 * openSUSE Leap 15.5 (aarch64 x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150500.3.70.2 * 
nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nv-prefer-signed-open-driver-565.57.01-150500.3.70.2 * openSUSE Leap 15.5 (aarch64) * nvidia-open-driver-G06-signed-64kb-devel-550.144.03-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-64kb-devel-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-64kb-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-565.57.01_k5.14.21_150500.53-150500.3.70.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * nv-prefer-signed-open-driver-565.57.01-150500.3.70.2 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150500.53-150500.3.70.2 * Public Cloud Module 15-SP5 (x86_64) * nvidia-open-driver-G06-signed-cuda-kmp-azure-565.57.01_k5.14.21_150500.31-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-565.57.01_k5.14.21_150500.31-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-azure-devel-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-550.144.03_k5.14.21_150500.31-150500.3.70.2 * nvidia-open-driver-G06-signed-azure-devel-550.144.03-150500.3.70.2 * 
nvidia-open-driver-G06-signed-kmp-azure-550.144.03_k5.14.21_150500.31-150500.3.70.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nv-prefer-signed-open-driver-565.57.01-150500.3.70.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * nvidia-open-driver-G06-signed-64kb-devel-550.144.03-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-64kb-devel-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-64kb-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-565.57.01_k5.14.21_150500.53-150500.3.70.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150500.3.70.2 * 
nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nv-prefer-signed-open-driver-565.57.01-150500.3.70.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * nvidia-open-driver-G06-signed-64kb-devel-550.144.03-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-64kb-devel-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-64kb-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-565.57.01_k5.14.21_150500.53-150500.3.70.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nv-prefer-signed-open-driver-565.57.01-150500.3.70.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * nvidia-open-driver-G06-signed-64kb-devel-550.144.03-150500.3.70.2 * 
nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-64kb-devel-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-64kb-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-565.57.01_k5.14.21_150500.53-150500.3.70.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150500.3.70.2 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150500.53-150500.3.70.2 * nv-prefer-signed-open-driver-565.57.01-150500.3.70.2 ## References: * https://www.suse.com/security/cve/CVE-2024-0131.html * https://www.suse.com/security/cve/CVE-2024-0147.html * https://www.suse.com/security/cve/CVE-2024-0149.html * https://www.suse.com/security/cve/CVE-2024-0150.html * https://www.suse.com/security/cve/CVE-2024-53869.html * https://bugzilla.suse.com/show_bug.cgi?id=1235461 * https://bugzilla.suse.com/show_bug.cgi?id=1235871
From null at suse.de Tue Jan 21 16:33:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 Jan 2025 16:33:14 -0000 Subject: SUSE-SU-2025:0207-1: important: Security update for nvidia-open-driver-G06-signed Message-ID: <173747719400.28678.15783839929862995330@smelt2.prg2.suse.org> # Security update for nvidia-open-driver-G06-signed Announcement ID: SUSE-SU-2025:0207-1 Release Date: 2025-01-21T14:44:07Z Rating: important References: * bsc#1235461 * bsc#1235871 Cross-References: * CVE-2024-0131 * CVE-2024-0147 * CVE-2024-0149 * CVE-2024-0150 * CVE-2024-53869 CVSS scores: * CVE-2024-0131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-0147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0149 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-53869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for nvidia-open-driver-G06-signed fixes the following issues: * Update to 550.144.03 (bsc#1235461, bsc#1235871) * fixes CVE-2024-0131, CVE-2024-0147, CVE-2024-0149, CVE-2024-0150, CVE-2024-53869 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-207=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-207=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-207=1 openSUSE-SLE-15.6-2025-207=1 ## Package List: * Basesystem Module 15-SP6 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.144.03-150600.3.29.2 * nv-prefer-signed-open-driver-565.57.01-150600.3.29.2 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k6.4.0_150600.21-150600.3.29.2 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k6.4.0_150600.21-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k6.4.0_150600.21-150600.3.29.2 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k6.4.0_150600.21-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150600.3.29.2 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150600.3.29.2 * Basesystem Module 15-SP6 (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.144.03_k6.4.0_150600.21-150600.3.29.2 * nvidia-open-driver-G06-signed-kmp-64kb-550.144.03_k6.4.0_150600.21-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-565.57.01_k6.4.0_150600.21-150600.3.29.2 * nvidia-open-driver-G06-signed-64kb-devel-550.144.03-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-565.57.01_k6.4.0_150600.21-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-64kb-devel-565.57.01-150600.3.29.2 * Public Cloud Module 15-SP6 (x86_64) * nvidia-open-driver-G06-signed-cuda-azure-devel-565.57.01-150600.3.29.2 * nvidia-open-driver-G06-signed-azure-devel-550.144.03-150600.3.29.2 * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-550.144.03_k6.4.0_150600.6-150600.3.29.2 * 
nvidia-open-driver-G06-signed-cuda-kmp-azure-565.57.01_k6.4.0_150600.6-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-565.57.01_k6.4.0_150600.6-150600.3.29.2 * nvidia-open-driver-G06-signed-kmp-azure-550.144.03_k6.4.0_150600.6-150600.3.29.2 * openSUSE Leap 15.6 (x86_64) * nvidia-open-driver-G06-signed-cuda-azure-devel-565.57.01-150600.3.29.2 * nvidia-open-driver-G06-signed-azure-devel-550.144.03-150600.3.29.2 * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-550.144.03_k6.4.0_150600.6-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-565.57.01_k6.4.0_150600.6-150600.3.29.2 * nvidia-open-driver-G06-signed-kmp-azure-550.144.03_k6.4.0_150600.6-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-kmp-azure-565.57.01_k6.4.0_150600.6-150600.3.29.2 * openSUSE Leap 15.6 (aarch64 x86_64) * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k6.4.0_150600.21-150600.3.29.2 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150600.3.29.2 * nv-prefer-signed-open-driver-565.57.01-150600.3.29.2 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k6.4.0_150600.21-150600.3.29.2 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k6.4.0_150600.21-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k6.4.0_150600.21-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150600.3.29.2 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150600.3.29.2 * openSUSE Leap 15.6 (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.144.03_k6.4.0_150600.21-150600.3.29.2 * nvidia-open-driver-G06-signed-kmp-64kb-550.144.03_k6.4.0_150600.21-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-565.57.01_k6.4.0_150600.21-150600.3.29.2 * nvidia-open-driver-G06-signed-64kb-devel-550.144.03-150600.3.29.2 * 
nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-565.57.01_k6.4.0_150600.21-150600.3.29.2 * nvidia-open-driver-G06-signed-cuda-64kb-devel-565.57.01-150600.3.29.2 ## References: * https://www.suse.com/security/cve/CVE-2024-0131.html * https://www.suse.com/security/cve/CVE-2024-0147.html * https://www.suse.com/security/cve/CVE-2024-0149.html * https://www.suse.com/security/cve/CVE-2024-0150.html * https://www.suse.com/security/cve/CVE-2024-53869.html * https://bugzilla.suse.com/show_bug.cgi?id=1235461 * https://bugzilla.suse.com/show_bug.cgi?id=1235871 From null at suse.de Tue Jan 21 16:33:44 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 Jan 2025 16:33:44 -0000 Subject: SUSE-SU-2025:0203-1: important: Security update for the Linux Kernel Message-ID: <173747722405.28678.7447584411866055198@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0203-1 Release Date: 2025-01-21T13:58:43Z Rating: important References: * bsc#1170891 * bsc#1173139 * bsc#1185010 * bsc#1190358 * bsc#1190428 * bsc#1209798 * bsc#1215304 * bsc#1222878 * bsc#1228466 * bsc#1230697 * bsc#1232436 * bsc#1233070 * bsc#1233642 * bsc#1234281 * bsc#1234282 * bsc#1234846 * bsc#1234853 * bsc#1234891 * bsc#1234921 * bsc#1234960 * bsc#1234963 * bsc#1235004 * bsc#1235035 * bsc#1235054 * bsc#1235056 * bsc#1235061 * bsc#1235073 * bsc#1235220 * bsc#1235224 * bsc#1235246 * bsc#1235507 Cross-References: * CVE-2021-47202 * CVE-2022-49035 * CVE-2024-41087 * CVE-2024-50154 * CVE-2024-53095 * CVE-2024-53142 * CVE-2024-53146 * CVE-2024-53156 * CVE-2024-53173 * CVE-2024-53179 * CVE-2024-53206 * CVE-2024-53214 * CVE-2024-53239 * CVE-2024-53240 * CVE-2024-53241 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56570 * CVE-2024-56598 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56619 * CVE-2024-8805 CVSS scores: * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2021-47202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49035 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49035 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49035 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53095 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53142 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53179 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53206 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53206 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53241 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53241 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56570 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56570 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56598 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56598 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( 
SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56619 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56619 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 23 vulnerabilities and has eight security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-41087: Fix double free on error (bsc#1228466). * CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642). * CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). 
* CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). * CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). * CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). * CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). * CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282). * CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). * CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). * CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035). * CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220). * CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). * CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). * CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224). * CVE-2024-8805: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (bsc#1230697). The following non-security bugs were fixed: * Drop a couple of block layer git-fixes (bsc#1170891 bsc#1173139) * KVM: x86: fix sending PV IPI (git-fixes). * fixup "rpm: support gz and zst compression methods" once more (bsc#1190428, bsc#1190358) * idpf: add support for SW triggered interrupts (bsc#1235507). * idpf: enable WB_ON_ITR (bsc#1235507). * idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507). * kernel-binary: do not BuildIgnore m4. It is actually needed for regenerating zconf when it is not up-to-date due to merge. * net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246). 
* rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression * scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes). * smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: this fixes issue discussed in bsc#1233642]. * supported.conf: add bsc1185010 dependency * supported.conf: hyperv_drm (jsc#sle-19733) * usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes). * usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git-fixes). * x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes). * x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes). * x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes). * x86/fpu: Remove unused supervisor only offsets (git-fixes). * x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes). * x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes). * x86/mce: Allow instrumentation during task work queueing (git-fixes). * x86/mce: Mark mce_end() noinstr (git-fixes). * x86/mce: Mark mce_panic() noinstr (git-fixes). * x86/mce: Mark mce_read_aux() noinstr (git-fixes). * x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes). * x86/sgx: Free backing memory after faulting the enclave page (git-fixes). * x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes). * x86/uaccess: Move variable into switch case statement (git-fixes). * x86: Annotate call_on_stack() (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-203=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-203=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-203=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-203=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-203=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-203=1 Please note that this is the initial kernel livepatch without fixes itself; this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2025-203=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-203=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-203=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-203=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-203=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-203=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-203=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-203=1 ## Package List: * openSUSE Leap 15.4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (noarch) * kernel-source-5.14.21-150400.24.147.1 * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * kernel-source-vanilla-5.14.21-150400.24.147.1 * kernel-docs-html-5.14.21-150400.24.147.1 * 
openSUSE Leap 15.4 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (ppc64le x86_64) * kernel-debug-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-debug-debugsource-5.14.21-150400.24.147.1 * kernel-debug-debuginfo-5.14.21-150400.24.147.1 * kernel-debug-devel-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-kvmsmall-devel-5.14.21-150400.24.147.1 * kernel-kvmsmall-debuginfo-5.14.21-150400.24.147.1 * kernel-kvmsmall-debugsource-5.14.21-150400.24.147.1 * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * kernel-default-base-rebuild-5.14.21-150400.24.147.1.150400.24.72.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kernel-syms-5.14.21-150400.24.147.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.147.1 * kernel-obs-build-debugsource-5.14.21-150400.24.147.1 * reiserfs-kmp-default-5.14.21-150400.24.147.1 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.147.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * kernel-obs-qa-5.14.21-150400.24.147.1 * kernel-default-optional-debuginfo-5.14.21-150400.24.147.1 * kernel-default-optional-5.14.21-150400.24.147.1 * kernel-default-livepatch-5.14.21-150400.24.147.1 * dlm-kmp-default-5.14.21-150400.24.147.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.147.1 * cluster-md-kmp-default-5.14.21-150400.24.147.1 * ocfs2-kmp-default-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kselftests-kmp-default-5.14.21-150400.24.147.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.147.1 * kernel-default-extra-5.14.21-150400.24.147.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.147.1 * kernel-obs-build-5.14.21-150400.24.147.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.147.1 * 
gfs2-kmp-default-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_147-default-1-150400.9.3.1 * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-1-150400.9.3.1 * kernel-livepatch-SLE15-SP4_Update_35-debugsource-1-150400.9.3.1 * kernel-default-livepatch-devel-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.147.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (nosrc) * dtb-aarch64-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (aarch64) * cluster-md-kmp-64kb-5.14.21-150400.24.147.1 * gfs2-kmp-64kb-5.14.21-150400.24.147.1 * dtb-allwinner-5.14.21-150400.24.147.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.147.1 * reiserfs-kmp-64kb-5.14.21-150400.24.147.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.147.1 * dtb-freescale-5.14.21-150400.24.147.1 * dtb-amd-5.14.21-150400.24.147.1 * dtb-amlogic-5.14.21-150400.24.147.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.147.1 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.147.1 * kselftests-kmp-64kb-5.14.21-150400.24.147.1 * dtb-apm-5.14.21-150400.24.147.1 * kernel-64kb-extra-5.14.21-150400.24.147.1 * dtb-qcom-5.14.21-150400.24.147.1 * dtb-arm-5.14.21-150400.24.147.1 * dlm-kmp-64kb-5.14.21-150400.24.147.1 * dtb-lg-5.14.21-150400.24.147.1 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.147.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.147.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.147.1 * dtb-cavium-5.14.21-150400.24.147.1 * dtb-apple-5.14.21-150400.24.147.1 * dtb-mediatek-5.14.21-150400.24.147.1 * ocfs2-kmp-64kb-5.14.21-150400.24.147.1 * dtb-broadcom-5.14.21-150400.24.147.1 * dtb-exynos-5.14.21-150400.24.147.1 * 
dtb-xilinx-5.14.21-150400.24.147.1 * dtb-marvell-5.14.21-150400.24.147.1 * kernel-64kb-debugsource-5.14.21-150400.24.147.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.147.1 * kernel-64kb-devel-5.14.21-150400.24.147.1 * dtb-nvidia-5.14.21-150400.24.147.1 * dtb-rockchip-5.14.21-150400.24.147.1 * kernel-64kb-optional-5.14.21-150400.24.147.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.147.1 * dtb-sprd-5.14.21-150400.24.147.1 * kernel-64kb-debuginfo-5.14.21-150400.24.147.1 * dtb-renesas-5.14.21-150400.24.147.1 * dtb-hisilicon-5.14.21-150400.24.147.1 * dtb-altera-5.14.21-150400.24.147.1 * dtb-socionext-5.14.21-150400.24.147.1 * dtb-amazon-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 
nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-1-150400.9.3.1 * kernel-default-livepatch-devel-5.14.21-150400.24.147.1 * kernel-livepatch-5_14_21-150400_24_147-default-1-150400.9.3.1 * kernel-livepatch-SLE15-SP4_Update_35-debugsource-1-150400.9.3.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * kernel-default-livepatch-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-debuginfo-5.14.21-150400.24.147.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.147.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.147.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.147.1 * cluster-md-kmp-default-5.14.21-150400.24.147.1 * ocfs2-kmp-default-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * gfs2-kmp-default-5.14.21-150400.24.147.1 * dlm-kmp-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.147.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-64kb-devel-5.14.21-150400.24.147.1 * kernel-64kb-debugsource-5.14.21-150400.24.147.1 * 
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-syms-5.14.21-150400.24.147.1 * kernel-obs-build-debugsource-5.14.21-150400.24.147.1 * reiserfs-kmp-default-5.14.21-150400.24.147.1 * kernel-obs-build-5.14.21-150400.24.147.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.147.1 * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.147.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-64kb-devel-5.14.21-150400.24.147.1 * kernel-64kb-debugsource-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-syms-5.14.21-150400.24.147.1 * kernel-obs-build-debugsource-5.14.21-150400.24.147.1 * reiserfs-kmp-default-5.14.21-150400.24.147.1 * kernel-obs-build-5.14.21-150400.24.147.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * 
kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.147.1 * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.147.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-64kb-devel-5.14.21-150400.24.147.1 * kernel-64kb-debugsource-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-syms-5.14.21-150400.24.147.1 * kernel-obs-build-debugsource-5.14.21-150400.24.147.1 * reiserfs-kmp-default-5.14.21-150400.24.147.1 * kernel-obs-build-5.14.21-150400.24.147.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * kernel-source-5.14.21-150400.24.147.1 * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch nosrc) * kernel-docs-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x) * 
kernel-zfcpdump-debugsource-5.14.21-150400.24.147.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-syms-5.14.21-150400.24.147.1 * kernel-obs-build-debugsource-5.14.21-150400.24.147.1 * reiserfs-kmp-default-5.14.21-150400.24.147.1 * kernel-obs-build-5.14.21-150400.24.147.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.147.1 * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.147.1 * SUSE Manager Proxy 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Manager Proxy 4.3 (x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-syms-5.14.21-150400.24.147.1 * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * SUSE Manager Proxy 4.3 (noarch) * kernel-source-5.14.21-150400.24.147.1 * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * SUSE Manager Retail Branch Server 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 
* kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Manager Server 4.3 (ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-syms-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * SUSE Manager Server 4.3 (noarch) * kernel-source-5.14.21-150400.24.147.1 * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * SUSE Manager Server 4.3 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.147.1 * SUSE Manager Server 4.3 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.147.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.147.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2022-49035.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-50154.html * https://www.suse.com/security/cve/CVE-2024-53095.html * https://www.suse.com/security/cve/CVE-2024-53142.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53179.html * https://www.suse.com/security/cve/CVE-2024-53206.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-53240.html * https://www.suse.com/security/cve/CVE-2024-53241.html * 
https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56570.html * https://www.suse.com/security/cve/CVE-2024-56598.html * https://www.suse.com/security/cve/CVE-2024-56604.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56619.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1170891 * https://bugzilla.suse.com/show_bug.cgi?id=1173139 * https://bugzilla.suse.com/show_bug.cgi?id=1185010 * https://bugzilla.suse.com/show_bug.cgi?id=1190358 * https://bugzilla.suse.com/show_bug.cgi?id=1190428 * https://bugzilla.suse.com/show_bug.cgi?id=1209798 * https://bugzilla.suse.com/show_bug.cgi?id=1215304 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1232436 * https://bugzilla.suse.com/show_bug.cgi?id=1233070 * https://bugzilla.suse.com/show_bug.cgi?id=1233642 * https://bugzilla.suse.com/show_bug.cgi?id=1234281 * https://bugzilla.suse.com/show_bug.cgi?id=1234282 * https://bugzilla.suse.com/show_bug.cgi?id=1234846 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234921 * https://bugzilla.suse.com/show_bug.cgi?id=1234960 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235004 * https://bugzilla.suse.com/show_bug.cgi?id=1235035 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235056 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235220 * https://bugzilla.suse.com/show_bug.cgi?id=1235224 * 
https://bugzilla.suse.com/show_bug.cgi?id=1235246 * https://bugzilla.suse.com/show_bug.cgi?id=1235507 From null at suse.de Tue Jan 21 16:34:01 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 Jan 2025 16:34:01 -0000 Subject: SUSE-SU-2025:0202-1: important: Security update for the Linux Kernel Message-ID: <173747724115.28678.15917268220950346420@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0202-1 Release Date: 2025-01-21T12:52:58Z Rating: important References: * bsc#1215304 * bsc#1220927 * bsc#1220937 * bsc#1230697 * bsc#1232436 * bsc#1234281 * bsc#1234690 * bsc#1234846 * bsc#1234853 * bsc#1234891 * bsc#1234921 * bsc#1234963 * bsc#1235004 * bsc#1235054 * bsc#1235056 * bsc#1235061 * bsc#1235073 * bsc#1235246 * bsc#1235480 * bsc#1235584 Cross-References: * CVE-2022-49035 * CVE-2023-52524 * CVE-2024-53142 * CVE-2024-53144 * CVE-2024-53146 * CVE-2024-53156 * CVE-2024-53173 * CVE-2024-53179 * CVE-2024-53214 * CVE-2024-53239 * CVE-2024-53240 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56631 * CVE-2024-56704 * CVE-2024-8805 CVSS scores: * CVE-2022-49035 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49035 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49035 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53142 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53179 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56631 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56631 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56631 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56704 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56704 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Manager Proxy 4.2 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Server 4.2 An update that solves 18 vulnerabilities and has two security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-49035: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE (bsc#1215304). * CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). 
* CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). * CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). * CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). * CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). * CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). * CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). * CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). * CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). * CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480). * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584). The following non-security bugs were fixed: * net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-202=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-202=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-202=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-202=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-202=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-202=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-202=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-202=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-202=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-202=1 ## Package List: * SUSE Enterprise Storage 7.1 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.188.1 * SUSE Enterprise Storage 7.1 (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.188.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-64kb-debuginfo-5.3.18-150300.59.188.1 * kernel-64kb-devel-5.3.18-150300.59.188.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64) * kernel-default-5.3.18-150300.59.188.1 * kernel-preempt-5.3.18-150300.59.188.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-obs-build-5.3.18-150300.59.188.1 * kernel-obs-build-debugsource-5.3.18-150300.59.188.1 * kernel-syms-5.3.18-150300.59.188.1 * reiserfs-kmp-default-5.3.18-150300.59.188.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-default-devel-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 
* kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * kernel-preempt-debugsource-5.3.18-150300.59.188.1 * kernel-preempt-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-devel-5.3.18-150300.59.188.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.188.1 * SUSE Enterprise Storage 7.1 (noarch) * kernel-source-5.3.18-150300.59.188.1 * kernel-macros-5.3.18-150300.59.188.1 * kernel-devel-5.3.18-150300.59.188.1 * SUSE Enterprise Storage 7.1 (noarch nosrc) * kernel-docs-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (noarch) * kernel-macros-5.3.18-150300.59.188.1 * kernel-source-5.3.18-150300.59.188.1 * kernel-docs-html-5.3.18-150300.59.188.1 * kernel-source-vanilla-5.3.18-150300.59.188.1 * kernel-devel-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (nosrc ppc64le x86_64) * kernel-debug-5.3.18-150300.59.188.1 
* kernel-kvmsmall-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (ppc64le x86_64) * kernel-debug-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-debug-debugsource-5.3.18-150300.59.188.1 * kernel-debug-devel-5.3.18-150300.59.188.1 * kernel-kvmsmall-debuginfo-5.3.18-150300.59.188.1 * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-kvmsmall-debugsource-5.3.18-150300.59.188.1 * kernel-kvmsmall-devel-5.3.18-150300.59.188.1 * kernel-debug-debuginfo-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * kernel-default-base-rebuild-5.3.18-150300.59.188.1.150300.18.111.1 * kernel-default-debuginfo-5.3.18-150300.59.188.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.188.1 * gfs2-kmp-default-5.3.18-150300.59.188.1 * kselftests-kmp-default-5.3.18-150300.59.188.1 * ocfs2-kmp-default-5.3.18-150300.59.188.1 * kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.188.1 * kernel-default-optional-5.3.18-150300.59.188.1 * kernel-default-extra-debuginfo-5.3.18-150300.59.188.1 * kselftests-kmp-default-debuginfo-5.3.18-150300.59.188.1 * kernel-obs-qa-5.3.18-150300.59.188.1 * kernel-obs-build-5.3.18-150300.59.188.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.188.1 * reiserfs-kmp-default-5.3.18-150300.59.188.1 * kernel-default-extra-5.3.18-150300.59.188.1 * kernel-default-livepatch-5.3.18-150300.59.188.1 * kernel-syms-5.3.18-150300.59.188.1 * kernel-obs-build-debugsource-5.3.18-150300.59.188.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.188.1 * dlm-kmp-default-5.3.18-150300.59.188.1 * kernel-default-devel-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * kernel-default-optional-debuginfo-5.3.18-150300.59.188.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.188.1 * cluster-md-kmp-default-5.3.18-150300.59.188.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.188.1 * 
openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_188-default-1-150300.7.3.1 * kernel-livepatch-SLE15-SP3_Update_52-debugsource-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_188-default-debuginfo-1-150300.7.3.1 * kernel-default-livepatch-devel-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_188-preempt-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_188-preempt-debuginfo-1-150300.7.3.1 * openSUSE Leap 15.3 (aarch64 x86_64) * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.188.1 * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.188.1 * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-extra-5.3.18-150300.59.188.1 * cluster-md-kmp-preempt-5.3.18-150300.59.188.1 * dlm-kmp-preempt-5.3.18-150300.59.188.1 * kernel-preempt-extra-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-optional-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.188.1 * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.188.1 * reiserfs-kmp-preempt-5.3.18-150300.59.188.1 * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-debugsource-5.3.18-150300.59.188.1 * kernel-preempt-debuginfo-5.3.18-150300.59.188.1 * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-devel-5.3.18-150300.59.188.1 * gfs2-kmp-preempt-5.3.18-150300.59.188.1 * kernel-preempt-optional-5.3.18-150300.59.188.1 * ocfs2-kmp-preempt-5.3.18-150300.59.188.1 * kselftests-kmp-preempt-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.188.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (nosrc) * dtb-aarch64-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (aarch64) * reiserfs-kmp-64kb-5.3.18-150300.59.188.1 * dtb-xilinx-5.3.18-150300.59.188.1 * 
dtb-allwinner-5.3.18-150300.59.188.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-64kb-extra-debuginfo-5.3.18-150300.59.188.1 * dtb-amd-5.3.18-150300.59.188.1 * dtb-exynos-5.3.18-150300.59.188.1 * gfs2-kmp-64kb-5.3.18-150300.59.188.1 * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.188.1 * dtb-al-5.3.18-150300.59.188.1 * kernel-64kb-optional-5.3.18-150300.59.188.1 * dtb-freescale-5.3.18-150300.59.188.1 * dtb-arm-5.3.18-150300.59.188.1 * dtb-rockchip-5.3.18-150300.59.188.1 * kselftests-kmp-64kb-5.3.18-150300.59.188.1 * cluster-md-kmp-64kb-5.3.18-150300.59.188.1 * kernel-64kb-debuginfo-5.3.18-150300.59.188.1 * dtb-marvell-5.3.18-150300.59.188.1 * kernel-64kb-optional-debuginfo-5.3.18-150300.59.188.1 * dtb-mediatek-5.3.18-150300.59.188.1 * dtb-nvidia-5.3.18-150300.59.188.1 * dtb-socionext-5.3.18-150300.59.188.1 * dtb-broadcom-5.3.18-150300.59.188.1 * dtb-apm-5.3.18-150300.59.188.1 * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.188.1 * dtb-cavium-5.3.18-150300.59.188.1 * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.188.1 * dtb-zte-5.3.18-150300.59.188.1 * ocfs2-kmp-64kb-5.3.18-150300.59.188.1 * dtb-renesas-5.3.18-150300.59.188.1 * kernel-64kb-extra-5.3.18-150300.59.188.1 * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.188.1 * dtb-lg-5.3.18-150300.59.188.1 * dtb-hisilicon-5.3.18-150300.59.188.1 * dtb-amlogic-5.3.18-150300.59.188.1 * dtb-sprd-5.3.18-150300.59.188.1 * dlm-kmp-64kb-5.3.18-150300.59.188.1 * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.188.1 * dtb-qcom-5.3.18-150300.59.188.1 * kernel-64kb-debugsource-5.3.18-150300.59.188.1 * kernel-64kb-devel-5.3.18-150300.59.188.1 * dtb-altera-5.3.18-150300.59.188.1 * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc) * kernel-default-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * 
kernel-default-livepatch-devel-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * kernel-default-livepatch-5.3.18-150300.59.188.1 * kernel-livepatch-5_3_18-150300_59_188-default-1-150300.7.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.188.1 * dlm-kmp-default-5.3.18-150300.59.188.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.188.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.188.1 * gfs2-kmp-default-5.3.18-150300.59.188.1 * cluster-md-kmp-default-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * ocfs2-kmp-default-5.3.18-150300.59.188.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.188.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc) * kernel-default-5.3.18-150300.59.188.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.188.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.188.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-64kb-debuginfo-5.3.18-150300.59.188.1 * kernel-64kb-devel-5.3.18-150300.59.188.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc x86_64) * kernel-default-5.3.18-150300.59.188.1 * kernel-preempt-5.3.18-150300.59.188.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-obs-build-5.3.18-150300.59.188.1 * kernel-obs-build-debugsource-5.3.18-150300.59.188.1 * kernel-syms-5.3.18-150300.59.188.1 * reiserfs-kmp-default-5.3.18-150300.59.188.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-default-devel-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * 
kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * kernel-preempt-debugsource-5.3.18-150300.59.188.1 * kernel-preempt-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-devel-5.3.18-150300.59.188.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.188.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.188.1 * kernel-macros-5.3.18-150300.59.188.1 * kernel-devel-5.3.18-150300.59.188.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.188.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-64kb-debuginfo-5.3.18-150300.59.188.1 * kernel-64kb-devel-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-obs-build-5.3.18-150300.59.188.1 * kernel-obs-build-debugsource-5.3.18-150300.59.188.1 * kernel-syms-5.3.18-150300.59.188.1 * reiserfs-kmp-default-5.3.18-150300.59.188.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-default-devel-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * kernel-source-5.3.18-150300.59.188.1 * kernel-macros-5.3.18-150300.59.188.1 * kernel-devel-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch nosrc) * kernel-docs-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.188.1 * SUSE Linux Enterprise 
Server 15 SP3 LTSS (aarch64 x86_64) * kernel-preempt-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-devel-5.3.18-150300.59.188.1 * kernel-preempt-debugsource-5.3.18-150300.59.188.1 * kernel-preempt-debuginfo-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.188.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-obs-build-5.3.18-150300.59.188.1 * kernel-obs-build-debugsource-5.3.18-150300.59.188.1 * kernel-syms-5.3.18-150300.59.188.1 * reiserfs-kmp-default-5.3.18-150300.59.188.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-default-devel-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.188.1 * kernel-macros-5.3.18-150300.59.188.1 * kernel-devel-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64) * kernel-preempt-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * kernel-preempt-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-devel-5.3.18-150300.59.188.1 * kernel-preempt-debugsource-5.3.18-150300.59.188.1 * kernel-preempt-debuginfo-5.3.18-150300.59.188.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49035.html * https://www.suse.com/security/cve/CVE-2023-52524.html 
* https://www.suse.com/security/cve/CVE-2024-53142.html * https://www.suse.com/security/cve/CVE-2024-53144.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53179.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-53240.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56604.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56631.html * https://www.suse.com/security/cve/CVE-2024-56704.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1215304 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220937 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1232436 * https://bugzilla.suse.com/show_bug.cgi?id=1234281 * https://bugzilla.suse.com/show_bug.cgi?id=1234690 * https://bugzilla.suse.com/show_bug.cgi?id=1234846 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234921 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235004 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235056 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235246 * https://bugzilla.suse.com/show_bug.cgi?id=1235480 * https://bugzilla.suse.com/show_bug.cgi?id=1235584
From null at suse.de Tue Jan 21 16:35:22 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 Jan 2025 16:35:22 -0000 Subject: SUSE-SU-2025:0201-1: important: Security update for the Linux Kernel Message-ID: <173747732266.28678.15708134737069645182@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0201-1 Release Date: 2025-01-21T12:51:49Z Rating: important References: * bsc#1170891 * bsc#1173139 * bsc#1185010 * bsc#1190358 * bsc#1190428 * bsc#1203332 * bsc#1205521 * bsc#1209288 * bsc#1209798 * bsc#1211593 * bsc#1211595 * bsc#1214635 * bsc#1215304 * bsc#1215523 * bsc#1216813 * bsc#1216909 * bsc#1219608 * bsc#1222878 * bsc#1223044 * bsc#1225758 * bsc#1225820 * bsc#1226694 * bsc#1228190 * bsc#1229809 * bsc#1230422 * bsc#1230697 * bsc#1231388 * bsc#1231453 * bsc#1231854 * bsc#1232045 * bsc#1232157 * bsc#1232166 * bsc#1232419 * bsc#1232436 * bsc#1232472 * bsc#1232823 * bsc#1233038 * bsc#1233050 * bsc#1233070 * bsc#1233096 * bsc#1233127 * bsc#1233200 * bsc#1233239 * bsc#1233324 * bsc#1233467 * bsc#1233468 * bsc#1233469 * bsc#1233485 * bsc#1233547 * bsc#1233550 * bsc#1233558 * bsc#1233564 * bsc#1233568 * bsc#1233637 * bsc#1233642 * bsc#1233701 * bsc#1233769 * bsc#1233837 * bsc#1234072 * bsc#1234073 * bsc#1234075 * bsc#1234076 * bsc#1234077 * bsc#1234087 * bsc#1234120 * bsc#1234156 * bsc#1234219 * bsc#1234220 * bsc#1234240 * bsc#1234241 * bsc#1234281 * bsc#1234282 * bsc#1234294 * bsc#1234338 * bsc#1234357 * bsc#1234437 * bsc#1234464 * bsc#1234605 * bsc#1234639 * bsc#1234650 * bsc#1234727 * bsc#1234811 * bsc#1234827 * bsc#1234834 * bsc#1234843 * bsc#1234846 * bsc#1234853 * bsc#1234856 * bsc#1234891 * bsc#1234912 * bsc#1234920 * bsc#1234921 * bsc#1234960 * bsc#1234963 * bsc#1234971 * bsc#1234973 * bsc#1235004 * bsc#1235035 * bsc#1235037 * bsc#1235039 * bsc#1235054 * bsc#1235056 * bsc#1235061 * bsc#1235073 * bsc#1235220 * bsc#1235224 * bsc#1235246 * bsc#1235507 Cross-References: * CVE-2021-47202 * 
CVE-2022-36280 * CVE-2022-48742 * CVE-2022-49033 * CVE-2022-49035 * CVE-2023-1382 * CVE-2023-33951 * CVE-2023-33952 * CVE-2023-52920 * CVE-2024-24860 * CVE-2024-26886 * CVE-2024-26924 * CVE-2024-36915 * CVE-2024-42232 * CVE-2024-44934 * CVE-2024-47666 * CVE-2024-47678 * CVE-2024-49944 * CVE-2024-49952 * CVE-2024-50018 * CVE-2024-50143 * CVE-2024-50154 * CVE-2024-50166 * CVE-2024-50181 * CVE-2024-50202 * CVE-2024-50211 * CVE-2024-50256 * CVE-2024-50262 * CVE-2024-50278 * CVE-2024-50279 * CVE-2024-50280 * CVE-2024-50296 * CVE-2024-53051 * CVE-2024-53055 * CVE-2024-53056 * CVE-2024-53064 * CVE-2024-53072 * CVE-2024-53090 * CVE-2024-53095 * CVE-2024-53101 * CVE-2024-53113 * CVE-2024-53114 * CVE-2024-53119 * CVE-2024-53120 * CVE-2024-53122 * CVE-2024-53125 * CVE-2024-53130 * CVE-2024-53131 * CVE-2024-53142 * CVE-2024-53146 * CVE-2024-53150 * CVE-2024-53156 * CVE-2024-53157 * CVE-2024-53158 * CVE-2024-53161 * CVE-2024-53162 * CVE-2024-53173 * CVE-2024-53179 * CVE-2024-53206 * CVE-2024-53210 * CVE-2024-53213 * CVE-2024-53214 * CVE-2024-53239 * CVE-2024-53240 * CVE-2024-53241 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56549 * CVE-2024-56570 * CVE-2024-56571 * CVE-2024-56575 * CVE-2024-56598 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56619 * CVE-2024-56755 * CVE-2024-8805 CVSS scores: * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-36280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-36280 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H * CVE-2022-48742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48742 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49033 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49033 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 
* CVE-2022-49035 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49035 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49035 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1382 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1382 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-33951 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L * CVE-2023-33951 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2023-33952 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-33952 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24860 ( NVD ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26886 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26924 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36915 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47666 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47666 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47666 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47678 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47678 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-49944 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49944 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49952 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49952 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50018 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50143 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50143 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50143 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50166 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50181 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50181 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50202 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50211 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50211 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50256 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50256 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50262 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50262 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50278 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2024-50278 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50279 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50279 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50296 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50296 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53051 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53055 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53056 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-53064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53072 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53095 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53101 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53101 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53113 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53114 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53119 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53122 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53125 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53131 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53142 ( 
NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53150 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53150 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53157 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53157 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-53161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53161 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53179 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53206 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53206 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53210 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53213 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53213 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53213 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53241 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53241 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56549 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56549 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56549 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56570 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56570 ( 
SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56571 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56571 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56575 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56598 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56598 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56619 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56619 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56755 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56755 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56755 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * 
SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 77 vulnerabilities and has 31 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332). * CVE-2022-48742: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (bsc#1226694). * CVE-2022-49033: btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() (bsc#1232045). * CVE-2023-1382: Fixed denial of service in tipc_conn_close (bsc#1209288). * CVE-2023-33951: Fixed a race condition that could have led to an information disclosure inside the vmwgfx driver (bsc#1211593). * CVE-2023-33952: Fixed a double free that could have led to a local privilege escalation inside the vmwgfx driver (bsc#1211595). * CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823). * CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044). * CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820). * CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). * CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809). * CVE-2024-47666: scsi: pm80xx: Set phy->enable_completion only when we wait for it (bsc#1231453). * CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854). * CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166). 
* CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157). * CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419). * CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038). * CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050). * CVE-2024-50181: clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (bsc#1233127). * CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324). * CVE-2024-50211: udf: refactor inode_bmap() to handle error (bsc#1233096). * CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200). * CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239). * CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized delayed_work on cache_ctr error (bsc#1233467 bsc#1233469). * CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467). * CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468). * CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485). * CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547). * CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550). * CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568). * CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464). * CVE-2024-53072: platform/x86/amd/pmc: Detect when STB is not available (bsc#1233564). * CVE-2024-53090: afs: Fix lock recursion (bsc#1233637). * CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642). * CVE-2024-53101: fs: Fix uninitialized value issue in from_kuid and from_kgid (bsc#1233769). * CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077). 
* CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072). * CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073). * CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156). * CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219). * CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220). * CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). * CVE-2024-53150: ALSA: usb-audio: Fix out of bounds reads when finding clock sources (bsc#1234834). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). * CVE-2024-53157: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (bsc#1234827). * CVE-2024-53158: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (bsc#1234811). * CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856). * CVE-2024-53162: crypto: qat/qat_4xxx - fix off by one in uof_get_name() (bsc#1234843). * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). * CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). * CVE-2024-53210: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (bsc#1234971). * CVE-2024-53213: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (bsc#1234973). * CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). * CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). * CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). * CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282). 
* CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). * CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). * CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912). * CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035). * CVE-2024-56571: media: uvcvideo: Require entities to have a non-zero unique ID (bsc#1235037). * CVE-2024-56575: media: imx-jpeg: Ensure power suppliers be suspended before detach them (bsc#1235039). * CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220). * CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). * CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). * CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224). * CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920). The following non-security bugs were fixed: * ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294) * Documentation: Add x86/amd_hsmp driver (jsc#PED-1295). * Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes). * Drop a couple of block layer git-fixes (bsc#1170891 bsc#1173139) * KVM: x86: fix sending PV IPI (git-fixes). * NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes). * NFSD: Fix nfsd4_shutdown_copy() (git-fixes). * NFSD: Move fill_pre_wcc() and fill_post_wcc() (bsc#1234650 bsc#1233701 bsc#1232472). * NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes). * NFSD: Prevent a potential integer overflow (git-fixes). * NFSD: reduce locking in nfsd_lookup() (bsc#1234650 bsc#1233701 bsc#1232472). * NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes).
* PCI: vmd: Fix secondary bus reset for Intel bridges (git-fixes). * RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes) * README: Clean-up trailing whitespace * SUNRPC: make sure cache entry active before cache_show (git-fixes). * amd_hsmp: Add HSMP protocol version 5 messages (jsc#PED-1295). * arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605) * arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes). * arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes). * arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes). * arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator (git-fixes). * arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion (git-fixes). * arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes). * autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes). * autofs: use flexible array in ioctl structure (git-fixes). * devlink: allow registering parameters after the instance (bsc#1231388 bsc#1230422). * devlink: do not require setting features before registration (bsc#1231388 bsc#1230422). * dma-fence: Fix reference leak on fence merge failure path (git-fixes). * dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357). * dmaengine: idxd: add wq driver name support for accel-config user tool (bsc#1234357). * drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes). * drm/v3d: Enable Performance Counters before clearing them (git-fixes). * exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes). * fixup "rpm: support gz and zst compression methods" once more (bsc#1190428, bsc#1190358) Fixes: 3b8c4d9bcc24 ("rpm: support gz and zst compression methods") Fixes: 23510fce36ec ("fixup "rpm: support gz and zst compression methods"") * hfsplus: do not query the device logical block size multiple times (git-fixes).
* idpf: add support for SW triggered interrupts (bsc#1235507). * idpf: enable WB_ON_ITR (bsc#1235507). * idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507). * ipc/sem: Fix dangling sem_array access in semtimedop race (bsc#1234727). * jffs2: Fix rtime decompressor (git-fixes). * jffs2: Prevent rtime decompress memory corruption (git-fixes). * jffs2: fix use of uninitialized variable (git-fixes). * jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes). * jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes). * jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes). * jfs: fix shift-out-of-bounds in dbSplit (git-fixes). * jfs: xattr: check invalid xattr size more strictly (git-fixes). * kabi/severities: ignore intermodule symbols between fsl_fman and fsl_dpaa_eth * kernel-binary: do not BuildIgnore m4. It is actually needed for regenerating zconf when it is not up-to-date due to merge. * kobject: Add sanity check for kset->kobj.ktype in kset_register() (bsc#1234639). * memory: tegra: Add API for retrieving carveout bounds (jsc#PED-1763). * mm/kfence: reset PG_slab and memcg_data before freeing __kfence_pool (bsc#1234120). * mmc: core: Further prevent card detect during shutdown (git-fixes). * net/ipv6: release expired exception dst cached in socket (bsc#1216813). * net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246). * nfsd: make sure exp active before svc_export_show (git-fixes). * nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234650 bsc#1233701 bsc#1232472). * nfsd: restore callback functionality for NFSv4.0 (git-fixes). * nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes). * nilfs2: prevent use of deleted inode (git-fixes). * ocfs2: uncache inode which has failed entering the group (bsc#1234087). * phy: tegra: p2u: Set ENABLE_L2_EXIT_RATE_CHANGE in calibration (jsc#PED-1763). * platform/x86: Add AMD system management interface (jsc#PED-1295).
* proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes). * pwm: tegra: Improve required rate calculation (jsc#PED-1763). * regmap: detach regmap from dev on regmap_exit (git-fixes). * rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression * scatterlist: fix incorrect func name in kernel-doc (git-fixes). * scripts/git_sort/git_sort.py: add tegra DRM and linux-pwm repo * scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes). * serial: tegra: Read DMA status before terminating (jsc#PED-1763). * smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: this fixes issue discussed in bsc#1233642]. * spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes). * sunrpc: simplify two-level sysctl registration for svcrdma_parm_table (git-fixes). * supported.conf: add bsc1185010 dependency * supported.conf: hyperv_drm (jsc#sle-19733) * svcrdma: Address an integer overflow (git-fixes). * svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes). * tpm_tis_spi: Release chip select when flow control fails (bsc#1234338) * ubifs: Correct the total block count by deducting journal reservation (git-fixes). * ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes). * udf: Handle error when adding extent to a file (bsc#1234437). * udf: refactor udf_current_aext() to handle error (bsc#1234240). * udf: refactor udf_next_aext() to handle error (bsc#1234241). * usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes). * usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git-fixes). * x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes). * x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes). * x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes).
* x86/fpu: Remove unused supervisor only offsets (git-fixes). * x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes). * x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes). * x86/mce: Allow instrumentation during task work queueing (git-fixes). * x86/mce: Mark mce_end() noinstr (git-fixes). * x86/mce: Mark mce_panic() noinstr (git-fixes). * x86/mce: Mark mce_read_aux() noinstr (git-fixes). * x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes). * x86/sev: Make enc_dec_hypercall() accept a size instead of npages (bsc#1214635). * x86/sgx: Free backing memory after faulting the enclave page (git-fixes). * x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes). * x86/uaccess: Move variable into switch case statement (git-fixes). * x86: Annotate call_on_stack() (git-fixes). * xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909). * zonefs: fix zone report size in __zonefs_io_error() (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-201=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-201=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-201=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2025-201=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-201=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-201=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-201=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-201=1 ## Package List: * openSUSE Leap 15.5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.91.1 * openSUSE Leap 15.5 (noarch) * kernel-macros-5.14.21-150500.55.91.1 * kernel-source-vanilla-5.14.21-150500.55.91.1 * kernel-docs-html-5.14.21-150500.55.91.1 * kernel-source-5.14.21-150500.55.91.1 * kernel-devel-5.14.21-150500.55.91.1 * openSUSE Leap 15.5 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150500.55.91.1 * openSUSE Leap 15.5 (ppc64le x86_64) * kernel-debug-debuginfo-5.14.21-150500.55.91.1 * kernel-debug-devel-debuginfo-5.14.21-150500.55.91.1 * kernel-debug-debugsource-5.14.21-150500.55.91.1 * kernel-debug-devel-5.14.21-150500.55.91.1 * openSUSE Leap 15.5 (x86_64) * kernel-default-vdso-debuginfo-5.14.21-150500.55.91.1 * kernel-kvmsmall-vdso-5.14.21-150500.55.91.1 * kernel-default-vdso-5.14.21-150500.55.91.1 * kernel-debug-vdso-5.14.21-150500.55.91.1 * kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.91.1 * kernel-debug-vdso-debuginfo-5.14.21-150500.55.91.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * kernel-kvmsmall-debugsource-5.14.21-150500.55.91.1 * 
kernel-default-base-5.14.21-150500.55.91.1.150500.6.41.1 * kernel-kvmsmall-debuginfo-5.14.21-150500.55.91.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.91.1 * kernel-default-base-rebuild-5.14.21-150500.55.91.1.150500.6.41.1 * kernel-kvmsmall-devel-5.14.21-150500.55.91.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kernel-default-optional-5.14.21-150500.55.91.1 * kernel-default-devel-5.14.21-150500.55.91.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.91.1 * reiserfs-kmp-default-5.14.21-150500.55.91.1 * kselftests-kmp-default-5.14.21-150500.55.91.1 * kernel-syms-5.14.21-150500.55.91.1 * ocfs2-kmp-default-5.14.21-150500.55.91.1 * kernel-obs-build-debugsource-5.14.21-150500.55.91.1 * kernel-default-livepatch-5.14.21-150500.55.91.1 * kernel-default-debuginfo-5.14.21-150500.55.91.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-optional-debuginfo-5.14.21-150500.55.91.1 * kernel-obs-qa-5.14.21-150500.55.91.1 * dlm-kmp-default-5.14.21-150500.55.91.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.91.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-extra-5.14.21-150500.55.91.1 * cluster-md-kmp-default-5.14.21-150500.55.91.1 * kselftests-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-debugsource-5.14.21-150500.55.91.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.91.1 * gfs2-kmp-default-5.14.21-150500.55.91.1 * kernel-obs-build-5.14.21-150500.55.91.1 * kernel-default-extra-debuginfo-5.14.21-150500.55.91.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.91.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_22-debugsource-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_55_91-default-1-150500.11.3.1 * kernel-default-livepatch-devel-5.14.21-150500.55.91.1 * openSUSE Leap 15.5 (aarch64 
nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150500.55.91.1 * openSUSE Leap 15.5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.91.1 * openSUSE Leap 15.5 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.91.1 * kernel-zfcpdump-debugsource-5.14.21-150500.55.91.1 * openSUSE Leap 15.5 (nosrc) * dtb-aarch64-5.14.21-150500.55.91.1 * openSUSE Leap 15.5 (aarch64) * dtb-nvidia-5.14.21-150500.55.91.1 * kernel-64kb-debugsource-5.14.21-150500.55.91.1 * dtb-apple-5.14.21-150500.55.91.1 * dtb-amlogic-5.14.21-150500.55.91.1 * ocfs2-kmp-64kb-5.14.21-150500.55.91.1 * dtb-socionext-5.14.21-150500.55.91.1 * dtb-allwinner-5.14.21-150500.55.91.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.91.1 * kernel-64kb-extra-5.14.21-150500.55.91.1 * kernel-64kb-optional-5.14.21-150500.55.91.1 * dtb-arm-5.14.21-150500.55.91.1 * dtb-qcom-5.14.21-150500.55.91.1 * dtb-rockchip-5.14.21-150500.55.91.1 * dtb-marvell-5.14.21-150500.55.91.1 * dtb-lg-5.14.21-150500.55.91.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.91.1 * dtb-sprd-5.14.21-150500.55.91.1 * dtb-freescale-5.14.21-150500.55.91.1 * dtb-xilinx-5.14.21-150500.55.91.1 * dtb-exynos-5.14.21-150500.55.91.1 * cluster-md-kmp-64kb-5.14.21-150500.55.91.1 * dlm-kmp-64kb-5.14.21-150500.55.91.1 * kernel-64kb-extra-debuginfo-5.14.21-150500.55.91.1 * dlm-kmp-64kb-debuginfo-5.14.21-150500.55.91.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.91.1 * dtb-apm-5.14.21-150500.55.91.1 * kernel-64kb-optional-debuginfo-5.14.21-150500.55.91.1 * dtb-cavium-5.14.21-150500.55.91.1 * dtb-altera-5.14.21-150500.55.91.1 * dtb-amazon-5.14.21-150500.55.91.1 * dtb-hisilicon-5.14.21-150500.55.91.1 * kernel-64kb-debuginfo-5.14.21-150500.55.91.1 * kernel-64kb-devel-5.14.21-150500.55.91.1 * dtb-broadcom-5.14.21-150500.55.91.1 * kselftests-kmp-64kb-5.14.21-150500.55.91.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.91.1 * dtb-mediatek-5.14.21-150500.55.91.1 * dtb-amd-5.14.21-150500.55.91.1 * dtb-renesas-5.14.21-150500.55.91.1 * 
gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.91.1 * reiserfs-kmp-64kb-5.14.21-150500.55.91.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.91.1 * gfs2-kmp-64kb-5.14.21-150500.55.91.1 * openSUSE Leap 15.5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * kernel-default-base-5.14.21-150500.55.91.1.150500.6.41.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.91.1 * kernel-default-debuginfo-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Live Patching 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.91.1 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-1-150500.11.3.1 * kernel-default-livepatch-5.14.21-150500.55.91.1 * kernel-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-livepatch-devel-5.14.21-150500.55.91.1 * kernel-livepatch-SLE15-SP5_Update_22-debugsource-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_55_91-default-1-150500.11.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-5.14.21-150500.55.91.1 * ocfs2-kmp-default-5.14.21-150500.55.91.1 * kernel-default-debugsource-5.14.21-150500.55.91.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.91.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.91.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.91.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.91.1 * cluster-md-kmp-default-5.14.21-150500.55.91.1 * kernel-default-debuginfo-5.14.21-150500.55.91.1 * gfs2-kmp-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (nosrc) * kernel-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc) * 
kernel-64kb-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * kernel-64kb-debugsource-5.14.21-150500.55.91.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.91.1 * kernel-64kb-debuginfo-5.14.21-150500.55.91.1 * kernel-64kb-devel-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kernel-default-debugsource-5.14.21-150500.55.91.1 * kernel-obs-build-debugsource-5.14.21-150500.55.91.1 * kernel-default-devel-5.14.21-150500.55.91.1 * kernel-default-base-5.14.21-150500.55.91.1.150500.6.41.1 * kernel-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.91.1 * kernel-syms-5.14.21-150500.55.91.1 * kernel-obs-build-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.91.1 * kernel-devel-5.14.21-150500.55.91.1 * kernel-source-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * kernel-64kb-debugsource-5.14.21-150500.55.91.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.91.1 * kernel-64kb-debuginfo-5.14.21-150500.55.91.1 * kernel-64kb-devel-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kernel-default-debugsource-5.14.21-150500.55.91.1 * kernel-obs-build-debugsource-5.14.21-150500.55.91.1 * kernel-default-devel-5.14.21-150500.55.91.1 * 
kernel-default-base-5.14.21-150500.55.91.1.150500.6.41.1 * kernel-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.91.1 * kernel-syms-5.14.21-150500.55.91.1 * kernel-obs-build-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.91.1 * kernel-devel-5.14.21-150500.55.91.1 * kernel-source-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * kernel-64kb-debugsource-5.14.21-150500.55.91.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.91.1 * kernel-64kb-debuginfo-5.14.21-150500.55.91.1 * kernel-64kb-devel-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.91.1.150500.6.41.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.91.1 * kernel-obs-build-debugsource-5.14.21-150500.55.91.1 * kernel-default-devel-5.14.21-150500.55.91.1 * reiserfs-kmp-default-5.14.21-150500.55.91.1 * kernel-default-debuginfo-5.14.21-150500.55.91.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.91.1 * kernel-syms-5.14.21-150500.55.91.1 * kernel-obs-build-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * kernel-macros-5.14.21-150500.55.91.1 * kernel-devel-5.14.21-150500.55.91.1 * kernel-source-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch nosrc) * kernel-docs-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc s390x) * 
kernel-zfcpdump-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.91.1 * kernel-zfcpdump-debugsource-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kernel-default-debugsource-5.14.21-150500.55.91.1 * kernel-obs-build-debugsource-5.14.21-150500.55.91.1 * kernel-default-devel-5.14.21-150500.55.91.1 * reiserfs-kmp-default-5.14.21-150500.55.91.1 * kernel-default-base-5.14.21-150500.55.91.1.150500.6.41.1 * kernel-default-debuginfo-5.14.21-150500.55.91.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.91.1 * kernel-syms-5.14.21-150500.55.91.1 * kernel-obs-build-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.91.1 * kernel-devel-5.14.21-150500.55.91.1 * kernel-source-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.91.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2022-36280.html * https://www.suse.com/security/cve/CVE-2022-48742.html * https://www.suse.com/security/cve/CVE-2022-49033.html * https://www.suse.com/security/cve/CVE-2022-49035.html * https://www.suse.com/security/cve/CVE-2023-1382.html * https://www.suse.com/security/cve/CVE-2023-33951.html * https://www.suse.com/security/cve/CVE-2023-33952.html * https://www.suse.com/security/cve/CVE-2023-52920.html * https://www.suse.com/security/cve/CVE-2024-24860.html * https://www.suse.com/security/cve/CVE-2024-26886.html * https://www.suse.com/security/cve/CVE-2024-26924.html * https://www.suse.com/security/cve/CVE-2024-36915.html * https://www.suse.com/security/cve/CVE-2024-42232.html * 
https://www.suse.com/security/cve/CVE-2024-44934.html * https://www.suse.com/security/cve/CVE-2024-47666.html * https://www.suse.com/security/cve/CVE-2024-47678.html * https://www.suse.com/security/cve/CVE-2024-49944.html * https://www.suse.com/security/cve/CVE-2024-49952.html * https://www.suse.com/security/cve/CVE-2024-50018.html * https://www.suse.com/security/cve/CVE-2024-50143.html * https://www.suse.com/security/cve/CVE-2024-50154.html * https://www.suse.com/security/cve/CVE-2024-50166.html * https://www.suse.com/security/cve/CVE-2024-50181.html * https://www.suse.com/security/cve/CVE-2024-50202.html * https://www.suse.com/security/cve/CVE-2024-50211.html * https://www.suse.com/security/cve/CVE-2024-50256.html * https://www.suse.com/security/cve/CVE-2024-50262.html * https://www.suse.com/security/cve/CVE-2024-50278.html * https://www.suse.com/security/cve/CVE-2024-50279.html * https://www.suse.com/security/cve/CVE-2024-50280.html * https://www.suse.com/security/cve/CVE-2024-50296.html * https://www.suse.com/security/cve/CVE-2024-53051.html * https://www.suse.com/security/cve/CVE-2024-53055.html * https://www.suse.com/security/cve/CVE-2024-53056.html * https://www.suse.com/security/cve/CVE-2024-53064.html * https://www.suse.com/security/cve/CVE-2024-53072.html * https://www.suse.com/security/cve/CVE-2024-53090.html * https://www.suse.com/security/cve/CVE-2024-53095.html * https://www.suse.com/security/cve/CVE-2024-53101.html * https://www.suse.com/security/cve/CVE-2024-53113.html * https://www.suse.com/security/cve/CVE-2024-53114.html * https://www.suse.com/security/cve/CVE-2024-53119.html * https://www.suse.com/security/cve/CVE-2024-53120.html * https://www.suse.com/security/cve/CVE-2024-53122.html * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-53130.html * https://www.suse.com/security/cve/CVE-2024-53131.html * https://www.suse.com/security/cve/CVE-2024-53142.html * 
https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53150.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://www.suse.com/security/cve/CVE-2024-53157.html * https://www.suse.com/security/cve/CVE-2024-53158.html * https://www.suse.com/security/cve/CVE-2024-53161.html * https://www.suse.com/security/cve/CVE-2024-53162.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53179.html * https://www.suse.com/security/cve/CVE-2024-53206.html * https://www.suse.com/security/cve/CVE-2024-53210.html * https://www.suse.com/security/cve/CVE-2024-53213.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-53240.html * https://www.suse.com/security/cve/CVE-2024-53241.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56549.html * https://www.suse.com/security/cve/CVE-2024-56570.html * https://www.suse.com/security/cve/CVE-2024-56571.html * https://www.suse.com/security/cve/CVE-2024-56575.html * https://www.suse.com/security/cve/CVE-2024-56598.html * https://www.suse.com/security/cve/CVE-2024-56604.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56619.html * https://www.suse.com/security/cve/CVE-2024-56755.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1170891 * https://bugzilla.suse.com/show_bug.cgi?id=1173139 * https://bugzilla.suse.com/show_bug.cgi?id=1185010 * https://bugzilla.suse.com/show_bug.cgi?id=1190358 * https://bugzilla.suse.com/show_bug.cgi?id=1190428 * https://bugzilla.suse.com/show_bug.cgi?id=1203332 * https://bugzilla.suse.com/show_bug.cgi?id=1205521 * https://bugzilla.suse.com/show_bug.cgi?id=1209288 * 
https://bugzilla.suse.com/show_bug.cgi?id=1209798 * https://bugzilla.suse.com/show_bug.cgi?id=1211593 * https://bugzilla.suse.com/show_bug.cgi?id=1211595 * https://bugzilla.suse.com/show_bug.cgi?id=1214635 * https://bugzilla.suse.com/show_bug.cgi?id=1215304 * https://bugzilla.suse.com/show_bug.cgi?id=1215523 * https://bugzilla.suse.com/show_bug.cgi?id=1216813 * https://bugzilla.suse.com/show_bug.cgi?id=1216909 * https://bugzilla.suse.com/show_bug.cgi?id=1219608 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1223044 * https://bugzilla.suse.com/show_bug.cgi?id=1225758 * https://bugzilla.suse.com/show_bug.cgi?id=1225820 * https://bugzilla.suse.com/show_bug.cgi?id=1226694 * https://bugzilla.suse.com/show_bug.cgi?id=1228190 * https://bugzilla.suse.com/show_bug.cgi?id=1229809 * https://bugzilla.suse.com/show_bug.cgi?id=1230422 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1231388 * https://bugzilla.suse.com/show_bug.cgi?id=1231453 * https://bugzilla.suse.com/show_bug.cgi?id=1231854 * https://bugzilla.suse.com/show_bug.cgi?id=1232045 * https://bugzilla.suse.com/show_bug.cgi?id=1232157 * https://bugzilla.suse.com/show_bug.cgi?id=1232166 * https://bugzilla.suse.com/show_bug.cgi?id=1232419 * https://bugzilla.suse.com/show_bug.cgi?id=1232436 * https://bugzilla.suse.com/show_bug.cgi?id=1232472 * https://bugzilla.suse.com/show_bug.cgi?id=1232823 * https://bugzilla.suse.com/show_bug.cgi?id=1233038 * https://bugzilla.suse.com/show_bug.cgi?id=1233050 * https://bugzilla.suse.com/show_bug.cgi?id=1233070 * https://bugzilla.suse.com/show_bug.cgi?id=1233096 * https://bugzilla.suse.com/show_bug.cgi?id=1233127 * https://bugzilla.suse.com/show_bug.cgi?id=1233200 * https://bugzilla.suse.com/show_bug.cgi?id=1233239 * https://bugzilla.suse.com/show_bug.cgi?id=1233324 * https://bugzilla.suse.com/show_bug.cgi?id=1233467 * https://bugzilla.suse.com/show_bug.cgi?id=1233468 * 
https://bugzilla.suse.com/show_bug.cgi?id=1233469 * https://bugzilla.suse.com/show_bug.cgi?id=1233485 * https://bugzilla.suse.com/show_bug.cgi?id=1233547 * https://bugzilla.suse.com/show_bug.cgi?id=1233550 * https://bugzilla.suse.com/show_bug.cgi?id=1233558 * https://bugzilla.suse.com/show_bug.cgi?id=1233564 * https://bugzilla.suse.com/show_bug.cgi?id=1233568 * https://bugzilla.suse.com/show_bug.cgi?id=1233637 * https://bugzilla.suse.com/show_bug.cgi?id=1233642 * https://bugzilla.suse.com/show_bug.cgi?id=1233701 * https://bugzilla.suse.com/show_bug.cgi?id=1233769 * https://bugzilla.suse.com/show_bug.cgi?id=1233837 * https://bugzilla.suse.com/show_bug.cgi?id=1234072 * https://bugzilla.suse.com/show_bug.cgi?id=1234073 * https://bugzilla.suse.com/show_bug.cgi?id=1234075 * https://bugzilla.suse.com/show_bug.cgi?id=1234076 * https://bugzilla.suse.com/show_bug.cgi?id=1234077 * https://bugzilla.suse.com/show_bug.cgi?id=1234087 * https://bugzilla.suse.com/show_bug.cgi?id=1234120 * https://bugzilla.suse.com/show_bug.cgi?id=1234156 * https://bugzilla.suse.com/show_bug.cgi?id=1234219 * https://bugzilla.suse.com/show_bug.cgi?id=1234220 * https://bugzilla.suse.com/show_bug.cgi?id=1234240 * https://bugzilla.suse.com/show_bug.cgi?id=1234241 * https://bugzilla.suse.com/show_bug.cgi?id=1234281 * https://bugzilla.suse.com/show_bug.cgi?id=1234282 * https://bugzilla.suse.com/show_bug.cgi?id=1234294 * https://bugzilla.suse.com/show_bug.cgi?id=1234338 * https://bugzilla.suse.com/show_bug.cgi?id=1234357 * https://bugzilla.suse.com/show_bug.cgi?id=1234437 * https://bugzilla.suse.com/show_bug.cgi?id=1234464 * https://bugzilla.suse.com/show_bug.cgi?id=1234605 * https://bugzilla.suse.com/show_bug.cgi?id=1234639 * https://bugzilla.suse.com/show_bug.cgi?id=1234650 * https://bugzilla.suse.com/show_bug.cgi?id=1234727 * https://bugzilla.suse.com/show_bug.cgi?id=1234811 * https://bugzilla.suse.com/show_bug.cgi?id=1234827 * https://bugzilla.suse.com/show_bug.cgi?id=1234834 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234843 * https://bugzilla.suse.com/show_bug.cgi?id=1234846 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234856 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234912 * https://bugzilla.suse.com/show_bug.cgi?id=1234920 * https://bugzilla.suse.com/show_bug.cgi?id=1234921 * https://bugzilla.suse.com/show_bug.cgi?id=1234960 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1234971 * https://bugzilla.suse.com/show_bug.cgi?id=1234973 * https://bugzilla.suse.com/show_bug.cgi?id=1235004 * https://bugzilla.suse.com/show_bug.cgi?id=1235035 * https://bugzilla.suse.com/show_bug.cgi?id=1235037 * https://bugzilla.suse.com/show_bug.cgi?id=1235039 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235056 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235220 * https://bugzilla.suse.com/show_bug.cgi?id=1235224 * https://bugzilla.suse.com/show_bug.cgi?id=1235246 * https://bugzilla.suse.com/show_bug.cgi?id=1235507

From null at suse.de Tue Jan 21 16:35:26 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 21 Jan 2025 16:35:26 -0000
Subject: SUSE-SU-2025:0200-1: important: Security update for pam_u2f
Message-ID: <173747732659.28678.7820962593680134395@smelt2.prg2.suse.org>

# Security update for pam_u2f

Announcement ID: SUSE-SU-2025:0200-1
Release Date: 2025-01-21T12:50:27Z
Rating: important

References:

* bsc#1233517
* bsc#1235961

Cross-References:

* CVE-2025-23013

CVSS scores:

* CVE-2025-23013 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-23013 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-23013 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for pam_u2f fixes the following issues:

* CVE-2025-23013: Fixed problematic PAM_IGNORE return values in `pam_sm_authenticate()` (bsc#1233517)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-200=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-200=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-200=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-200=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-200=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2025-200=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-200=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-200=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-200=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-200=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-200=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-200=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-200=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-200=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-200=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-200=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-200=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Manager Proxy 4.3 (x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
  * pam_u2f-debuginfo-1.2.0-150400.4.5.1
  * pam_u2f-1.2.0-150400.4.5.1
  * pam_u2f-debugsource-1.2.0-150400.4.5.1

## References:

* https://www.suse.com/security/cve/CVE-2025-23013.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233517
* https://bugzilla.suse.com/show_bug.cgi?id=1235961

From null at suse.de Wed Jan 22 08:30:20 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 22 Jan 2025 08:30:20 -0000
Subject: SUSE-SU-2025:0217-1: moderate: Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont
Message-ID: <173753462037.6933.8951480230480346197@smelt2.prg2.suse.org>

# Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont

Announcement ID: SUSE-SU-2025:0217-1
Release Date: 2025-01-22T02:53:58Z
Rating: moderate

References:

* jsc#PED-10545

Affected Products:

* Containers Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that contains one feature can now be installed.

## Description:

This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues:

Update to version 1.61.0:

* Release notes
  * https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.61.0
  * https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.60.4
  * https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.60.3
  * https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.60.2
* Enable aarch64 build for SLE and mark it as techpreview (jsc#PED-10545)
* Install nbdkit-server to avoid pulling unneeded dependencies

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-217=1 openSUSE-SLE-15.6-2025-217=1
* Containers Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-217=1

## Package List:

* openSUSE Leap 15.6 (aarch64 x86_64)
  * containerized-data-importer-uploadproxy-1.61.0-150600.3.12.1
  * containerized-data-importer-uploadproxy-debuginfo-1.61.0-150600.3.12.1
  * containerized-data-importer-uploadserver-1.61.0-150600.3.12.1
  * containerized-data-importer-uploadserver-debuginfo-1.61.0-150600.3.12.1
  * containerized-data-importer-operator-1.61.0-150600.3.12.1
  * containerized-data-importer-api-1.61.0-150600.3.12.1
  * containerized-data-importer-operator-debuginfo-1.61.0-150600.3.12.1
  * obs-service-cdi_containers_meta-1.61.0-150600.3.12.1
  * containerized-data-importer-cloner-1.61.0-150600.3.12.1
  * containerized-data-importer-importer-debuginfo-1.61.0-150600.3.12.1
  * containerized-data-importer-controller-debuginfo-1.61.0-150600.3.12.1
  * containerized-data-importer-controller-1.61.0-150600.3.12.1
  * containerized-data-importer-cloner-debuginfo-1.61.0-150600.3.12.1
  * containerized-data-importer-api-debuginfo-1.61.0-150600.3.12.1
  * containerized-data-importer-importer-1.61.0-150600.3.12.1
  * containerized-data-importer-manifests-1.61.0-150600.3.12.1
* Containers Module 15-SP6 (aarch64 x86_64)
  * containerized-data-importer-manifests-1.61.0-150600.3.12.1

## References:

* https://jira.suse.com/browse/PED-10545

From null at suse.de Wed Jan 22 08:30:22 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 22 Jan 2025 08:30:22 -0000
Subject: SUSE-SU-2025:0216-1: moderate: Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont
Message-ID: <173753462203.6933.8753572952065316512@smelt2.prg2.suse.org>

# Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont

Announcement ID: SUSE-SU-2025:0216-1
Release Date: 2025-01-22T02:53:22Z
Rating: moderate

References:

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that can now be installed.

## Description:

This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues:

* Install nbdkit-server to avoid pulling unneeded dependencies
* rebuild against current GO

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2025-216=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2025-216=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-216=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-216=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-216=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-216=1

## Package List:

* openSUSE Leap 15.5 (x86_64)
  * containerized-data-importer-controller-debuginfo-1.59.0-150500.6.21.1
  * containerized-data-importer-operator-debuginfo-1.59.0-150500.6.21.1
  * containerized-data-importer-cloner-1.59.0-150500.6.21.1
  * containerized-data-importer-manifests-1.59.0-150500.6.21.1
  * containerized-data-importer-uploadserver-1.59.0-150500.6.21.1
  * containerized-data-importer-importer-1.59.0-150500.6.21.1
  * containerized-data-importer-operator-1.59.0-150500.6.21.1
  * containerized-data-importer-api-debuginfo-1.59.0-150500.6.21.1
  * containerized-data-importer-uploadserver-debuginfo-1.59.0-150500.6.21.1
  * containerized-data-importer-importer-debuginfo-1.59.0-150500.6.21.1
  * containerized-data-importer-uploadproxy-debuginfo-1.59.0-150500.6.21.1
  * obs-service-cdi_containers_meta-1.59.0-150500.6.21.1
  * containerized-data-importer-controller-1.59.0-150500.6.21.1
  * containerized-data-importer-uploadproxy-1.59.0-150500.6.21.1
  * containerized-data-importer-api-1.59.0-150500.6.21.1
  * containerized-data-importer-cloner-debuginfo-1.59.0-150500.6.21.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
  * containerized-data-importer-manifests-1.59.0-150500.6.21.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
  * containerized-data-importer-manifests-1.59.0-150500.6.21.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
  * containerized-data-importer-manifests-1.59.0-150500.6.21.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
  * containerized-data-importer-manifests-1.59.0-150500.6.21.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
  * containerized-data-importer-manifests-1.59.0-150500.6.21.1

From null at suse.de Wed Jan 22 08:30:26 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 22 Jan 2025 08:30:26 -0000
Subject: SUSE-SU-2025:0215-1: moderate: Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t
Message-ID: <173753462669.6933.3442731547959444740@smelt2.prg2.suse.org>

# Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t

Announcement ID: SUSE-SU-2025:0215-1
Release Date: 2025-01-22T02:52:54Z
Rating: moderate

References:

* bsc#1232762
* jsc#PED-10545

Affected Products:

* Containers Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that contains one feature and has one security fix can now be installed.
## Description:

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues:

Update to version 1.4.0

* Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.4.0
* Enable aarch64 build for SLE and mark it as techpreview (jsc#PED-10545)
* Drop packages: iptables, lsscsi, and socat
* Fix ovmf firmware path for SEV(ES) VMs (bsc#1232762)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-215=1 openSUSE-SLE-15.6-2025-215=1
* Containers Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-215=1

## Package List:

* openSUSE Leap 15.6 (aarch64 x86_64)
  * kubevirt-virt-controller-1.4.0-150600.5.12.1
  * kubevirt-container-disk-1.4.0-150600.5.12.1
  * kubevirt-virt-exportproxy-debuginfo-1.4.0-150600.5.12.1
  * kubevirt-virt-handler-debuginfo-1.4.0-150600.5.12.1
  * kubevirt-virt-operator-debuginfo-1.4.0-150600.5.12.1
  * kubevirt-virt-exportproxy-1.4.0-150600.5.12.1
  * kubevirt-virt-launcher-1.4.0-150600.5.12.1
  * kubevirt-virt-api-1.4.0-150600.5.12.1
  * kubevirt-virt-controller-debuginfo-1.4.0-150600.5.12.1
  * kubevirt-virt-launcher-debuginfo-1.4.0-150600.5.12.1
  * obs-service-kubevirt_containers_meta-1.4.0-150600.5.12.1
  * kubevirt-tests-debuginfo-1.4.0-150600.5.12.1
  * kubevirt-virtctl-1.4.0-150600.5.12.1
  * kubevirt-virtctl-debuginfo-1.4.0-150600.5.12.1
  * kubevirt-pr-helper-conf-1.4.0-150600.5.12.1
  * kubevirt-virt-api-debuginfo-1.4.0-150600.5.12.1
  * kubevirt-virt-operator-1.4.0-150600.5.12.1
  * kubevirt-tests-1.4.0-150600.5.12.1
  * kubevirt-virt-exportserver-debuginfo-1.4.0-150600.5.12.1
  * kubevirt-virt-exportserver-1.4.0-150600.5.12.1
  * kubevirt-virt-handler-1.4.0-150600.5.12.1
  * kubevirt-manifests-1.4.0-150600.5.12.1
  * kubevirt-container-disk-debuginfo-1.4.0-150600.5.12.1
* Containers Module 15-SP6 (aarch64 x86_64)
  * kubevirt-manifests-1.4.0-150600.5.12.1
  * kubevirt-virtctl-1.4.0-150600.5.12.1
  * kubevirt-virtctl-debuginfo-1.4.0-150600.5.12.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1232762
* https://jira.suse.com/browse/PED-10545

From null at suse.de Wed Jan 22 08:30:28 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 22 Jan 2025 08:30:28 -0000
Subject: SUSE-SU-2025:0214-1: moderate: Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t
Message-ID: <173753462815.6933.12511665322383600496@smelt2.prg2.suse.org>

# Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t

Announcement ID: SUSE-SU-2025:0214-1
Release Date: 2025-01-22T02:52:11Z
Rating: moderate

References:

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that can now be installed.
## Description: This update for kubevirt, virt-api-container, virt-controller-container, virt- exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator- container, virt-pr-helper-container fixes the following issues: * Drop packages: iptables, lsscsi and socat * rebuild against current GO ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-214=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-214=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-214=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-214=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-214=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-214=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kubevirt-virt-api-debuginfo-1.2.2-150500.8.24.1 * kubevirt-manifests-1.2.2-150500.8.24.1 * kubevirt-virt-controller-debuginfo-1.2.2-150500.8.24.1 * kubevirt-container-disk-debuginfo-1.2.2-150500.8.24.1 * kubevirt-virt-exportproxy-1.2.2-150500.8.24.1 * kubevirt-virt-api-1.2.2-150500.8.24.1 * kubevirt-tests-debuginfo-1.2.2-150500.8.24.1 * kubevirt-virtctl-debuginfo-1.2.2-150500.8.24.1 * kubevirt-virt-operator-debuginfo-1.2.2-150500.8.24.1 * kubevirt-pr-helper-conf-1.2.2-150500.8.24.1 * kubevirt-virt-launcher-debuginfo-1.2.2-150500.8.24.1 * kubevirt-virt-handler-1.2.2-150500.8.24.1 * kubevirt-container-disk-1.2.2-150500.8.24.1 * kubevirt-virt-controller-1.2.2-150500.8.24.1 * kubevirt-virt-handler-debuginfo-1.2.2-150500.8.24.1 * 
kubevirt-virt-operator-1.2.2-150500.8.24.1 * kubevirt-virt-exportserver-1.2.2-150500.8.24.1 * kubevirt-virtctl-1.2.2-150500.8.24.1 * obs-service-kubevirt_containers_meta-1.2.2-150500.8.24.1 * kubevirt-virt-exportproxy-debuginfo-1.2.2-150500.8.24.1 * kubevirt-virt-launcher-1.2.2-150500.8.24.1 * kubevirt-tests-1.2.2-150500.8.24.1 * kubevirt-virt-exportserver-debuginfo-1.2.2-150500.8.24.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kubevirt-virtctl-1.2.2-150500.8.24.1 * kubevirt-virtctl-debuginfo-1.2.2-150500.8.24.1 * kubevirt-manifests-1.2.2-150500.8.24.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * kubevirt-virtctl-1.2.2-150500.8.24.1 * kubevirt-virtctl-debuginfo-1.2.2-150500.8.24.1 * kubevirt-manifests-1.2.2-150500.8.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * kubevirt-virtctl-1.2.2-150500.8.24.1 * kubevirt-virtctl-debuginfo-1.2.2-150500.8.24.1 * kubevirt-manifests-1.2.2-150500.8.24.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * kubevirt-virtctl-1.2.2-150500.8.24.1 * kubevirt-virtctl-debuginfo-1.2.2-150500.8.24.1 * kubevirt-manifests-1.2.2-150500.8.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * kubevirt-virtctl-1.2.2-150500.8.24.1 * kubevirt-virtctl-debuginfo-1.2.2-150500.8.24.1 * kubevirt-manifests-1.2.2-150500.8.24.1
From null at suse.de Thu Jan 23 16:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 23 Jan 2025 16:30:08 -0000 Subject: SUSE-SU-2025:0226-1: moderate: Security update for docker-stable Message-ID: <173764980848.6933.13694911562596507241@smelt2.prg2.suse.org> # Security update for docker-stable Announcement ID: SUSE-SU-2025:0226-1 Release Date: 2025-01-23T13:54:20Z Rating: moderate References: * bsc#1219437 * bsc#1234089 Cross-References: * CVE-2024-2365 * CVE-2024-23650 * CVE-2024-23653 * CVE-2024-29018 * CVE-2024-41110 CVSS scores: * CVE-2024-23650 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23650 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-23653 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23653 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-29018 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-29018 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-41110 ( SUSE ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for docker-stable fixes the following issues: * CVE-2024-29018: Fixed external DNS request handling from 'internal' networks that could have led to data exfiltration (bsc#1234089). * CVE-2024-23650: Fixed possible BuildKit daemon crash via malicious BuildKit client or frontend request (bsc#1219437). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-226=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-226=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * docker-stable-24.0.9_ce-150000.1.11.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.11.1 * openSUSE Leap 15.6 (noarch) * docker-stable-fish-completion-24.0.9_ce-150000.1.11.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.11.1 * docker-stable-rootless-extras-24.0.9_ce-150000.1.11.1 * docker-stable-zsh-completion-24.0.9_ce-150000.1.11.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * docker-stable-24.0.9_ce-150000.1.11.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.11.1 * Containers Module 15-SP6 (noarch) * docker-stable-bash-completion-24.0.9_ce-150000.1.11.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2365.html * https://www.suse.com/security/cve/CVE-2024-23650.html * https://www.suse.com/security/cve/CVE-2024-23653.html * https://www.suse.com/security/cve/CVE-2024-29018.html * https://www.suse.com/security/cve/CVE-2024-41110.html * https://bugzilla.suse.com/show_bug.cgi?id=1219437 * https://bugzilla.suse.com/show_bug.cgi?id=1234089
URL: From null at suse.de Fri Jan 24 12:31:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 24 Jan 2025 12:31:05 -0000 Subject: SUSE-SU-2025:0231-1: important: Security update for the Linux Kernel Message-ID: <173772186568.27013.16458274626145971744@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0231-1 Release Date: 2025-01-24T10:10:55Z Rating: important References: * bsc#1170891 * bsc#1173139 * bsc#1185010 * bsc#1189998 * bsc#1190358 * bsc#1190428 * bsc#1191949 * bsc#1193983 * bsc#1196869 * bsc#1200313 * bsc#1201308 * bsc#1201489 * bsc#1209657 * bsc#1209798 * bsc#1211592 * bsc#1215304 * bsc#1216702 * bsc#1217169 * bsc#1218447 * bsc#1221044 * bsc#1222721 * bsc#1222878 * bsc#1223481 * bsc#1223501 * bsc#1223512 * bsc#1223520 * bsc#1223894 * bsc#1223921 * bsc#1223922 * bsc#1223923 * bsc#1223924 * bsc#1223929 * bsc#1223931 * bsc#1223932 * bsc#1223934 * bsc#1223941 * bsc#1223948 * bsc#1223952 * bsc#1223953 * bsc#1223957 * bsc#1223962 * bsc#1223963 * bsc#1223964 * bsc#1223996 * bsc#1224099 * bsc#1224482 * bsc#1224511 * bsc#1224592 * bsc#1224685 * bsc#1224730 * bsc#1224816 * bsc#1224895 * bsc#1224898 * bsc#1224900 * bsc#1224901 * bsc#1230697 * bsc#1232436 * bsc#1233070 * bsc#1233642 * bsc#1234281 * bsc#1234282 * bsc#1234846 * bsc#1234853 * bsc#1234891 * bsc#1234921 * bsc#1234960 * bsc#1234963 * bsc#1235004 * bsc#1235035 * bsc#1235054 * bsc#1235056 * bsc#1235061 * bsc#1235073 * bsc#1235220 * bsc#1235224 * bsc#1235246 * bsc#1235507 Cross-References: * CVE-2020-36788 * CVE-2021-4148 * CVE-2021-42327 * CVE-2021-47202 * CVE-2021-47365 * CVE-2021-47489 * CVE-2021-47491 * CVE-2021-47492 * CVE-2022-48632 * CVE-2022-48634 * CVE-2022-48636 * CVE-2022-48652 * CVE-2022-48671 * CVE-2022-48672 * CVE-2022-48673 * CVE-2022-48675 * CVE-2022-48686 * CVE-2022-48687 * CVE-2022-48688 * CVE-2022-48692 * CVE-2022-48693 * CVE-2022-48694 * CVE-2022-48695 * CVE-2022-48697 * CVE-2022-48699 * CVE-2022-48700 * CVE-2022-48701 * CVE-2022-48702 
* CVE-2022-48703 * CVE-2022-48704 * CVE-2022-49035 * CVE-2023-0160 * CVE-2023-2860 * CVE-2023-47233 * CVE-2023-52591 * CVE-2023-52654 * CVE-2023-52655 * CVE-2023-52676 * CVE-2023-6531 * CVE-2024-26764 * CVE-2024-35811 * CVE-2024-35815 * CVE-2024-35895 * CVE-2024-35914 * CVE-2024-50154 * CVE-2024-53095 * CVE-2024-53142 * CVE-2024-53146 * CVE-2024-53156 * CVE-2024-53173 * CVE-2024-53179 * CVE-2024-53206 * CVE-2024-53214 * CVE-2024-53239 * CVE-2024-53240 * CVE-2024-53241 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56570 * CVE-2024-56598 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56619 * CVE-2024-8805 CVSS scores: * CVE-2020-36788 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2020-36788 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-4148 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-4148 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-42327 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2021-42327 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47365 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47489 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47489 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47491 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47492 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48634 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48634 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48636 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48652 ( 
SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48671 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48671 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48672 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48672 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48673 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48673 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48675 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48675 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48686 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48686 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48686 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48687 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48688 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48692 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48692 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48693 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48694 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48695 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48697 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2022-48697 ( NVD ): 5.3 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48700 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48701 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48702 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48703 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49035 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49035 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49035 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2860 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-2860 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-47233 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47233 ( NVD ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52591 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52655 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26764 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-35811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35811 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35815 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35895 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35895 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35914 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-35914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50154 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53095 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53142 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53179 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53206 ( SUSE 
): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53206 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53241 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53241 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56570 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56570 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56598 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56598 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * 
CVE-2024-56619 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56619 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves 64 vulnerabilities and has 13 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642). * CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). * CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). * CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). * CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). * CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). * CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282). * CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). * CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). * CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035). * CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220). 
* CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). * CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). * CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224). * CVE-2024-8805: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (bsc#1230697). The following non-security bugs were fixed: * KVM: x86: fix sending PV IPI (git-fixes). * idpf: add support for SW triggered interrupts (bsc#1235507). * idpf: enable WB_ON_ITR (bsc#1235507). * idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507). * kernel-binary: do not BuildIgnore m4. It is actually needed for regenerating zconf when it is not up-to-date due to merge. * kernel/fork: beware of __put_task_struct() calling context (bsc#1189998 (PREEMPT_RT prerequisite backports)). * net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246). * rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression * scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes). * smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: this fixes issue discussed in bsc#1233642]. * usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes). * usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git-fixes). * x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes). * x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes). * x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes). * x86/fpu: Remove unused supervisor only offsets (git-fixes). * x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes). * x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).
* x86/mce: Allow instrumentation during task work queueing (git-fixes). * x86/mce: Mark mce_end() noinstr (git-fixes). * x86/mce: Mark mce_panic() noinstr (git-fixes). * x86/mce: Mark mce_read_aux() noinstr (git-fixes). * x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes). * x86/sgx: Free backing memory after faulting the enclave page (git-fixes). * x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes). * x86/uaccess: Move variable into switch case statement (git-fixes). * x86: Annotate call_on_stack() (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-231=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-231=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-231=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-231=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.106.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.106.1 * kernel-rt-debugsource-5.14.21-150400.15.106.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.106.1 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.106.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.106.1 * kernel-rt-debugsource-5.14.21-150400.15.106.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.106.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.106.1 * SUSE
Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.106.1 * kernel-rt-debugsource-5.14.21-150400.15.106.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.106.1 * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.106.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.106.1 * kernel-rt-debugsource-5.14.21-150400.15.106.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.106.1 ## References: * https://www.suse.com/security/cve/CVE-2020-36788.html * https://www.suse.com/security/cve/CVE-2021-4148.html * https://www.suse.com/security/cve/CVE-2021-42327.html * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2021-47365.html * https://www.suse.com/security/cve/CVE-2021-47489.html * https://www.suse.com/security/cve/CVE-2021-47491.html * https://www.suse.com/security/cve/CVE-2021-47492.html * https://www.suse.com/security/cve/CVE-2022-48632.html * https://www.suse.com/security/cve/CVE-2022-48634.html * https://www.suse.com/security/cve/CVE-2022-48636.html * https://www.suse.com/security/cve/CVE-2022-48652.html * https://www.suse.com/security/cve/CVE-2022-48671.html * https://www.suse.com/security/cve/CVE-2022-48672.html * https://www.suse.com/security/cve/CVE-2022-48673.html * https://www.suse.com/security/cve/CVE-2022-48675.html * https://www.suse.com/security/cve/CVE-2022-48686.html * https://www.suse.com/security/cve/CVE-2022-48687.html * https://www.suse.com/security/cve/CVE-2022-48688.html * https://www.suse.com/security/cve/CVE-2022-48692.html * https://www.suse.com/security/cve/CVE-2022-48693.html * https://www.suse.com/security/cve/CVE-2022-48694.html * https://www.suse.com/security/cve/CVE-2022-48695.html * https://www.suse.com/security/cve/CVE-2022-48697.html * https://www.suse.com/security/cve/CVE-2022-48699.html * 
https://www.suse.com/security/cve/CVE-2022-48700.html * https://www.suse.com/security/cve/CVE-2022-48701.html * https://www.suse.com/security/cve/CVE-2022-48702.html * https://www.suse.com/security/cve/CVE-2022-48703.html * https://www.suse.com/security/cve/CVE-2022-48704.html * https://www.suse.com/security/cve/CVE-2022-49035.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-2860.html * https://www.suse.com/security/cve/CVE-2023-47233.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52654.html * https://www.suse.com/security/cve/CVE-2023-52655.html * https://www.suse.com/security/cve/CVE-2023-52676.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://www.suse.com/security/cve/CVE-2024-26764.html * https://www.suse.com/security/cve/CVE-2024-35811.html * https://www.suse.com/security/cve/CVE-2024-35815.html * https://www.suse.com/security/cve/CVE-2024-35895.html * https://www.suse.com/security/cve/CVE-2024-35914.html * https://www.suse.com/security/cve/CVE-2024-50154.html * https://www.suse.com/security/cve/CVE-2024-53095.html * https://www.suse.com/security/cve/CVE-2024-53142.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53179.html * https://www.suse.com/security/cve/CVE-2024-53206.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-53240.html * https://www.suse.com/security/cve/CVE-2024-53241.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56570.html * https://www.suse.com/security/cve/CVE-2024-56598.html * 
https://www.suse.com/security/cve/CVE-2024-56604.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56619.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1170891 * https://bugzilla.suse.com/show_bug.cgi?id=1173139 * https://bugzilla.suse.com/show_bug.cgi?id=1185010 * https://bugzilla.suse.com/show_bug.cgi?id=1189998 * https://bugzilla.suse.com/show_bug.cgi?id=1190358 * https://bugzilla.suse.com/show_bug.cgi?id=1190428 * https://bugzilla.suse.com/show_bug.cgi?id=1191949 * https://bugzilla.suse.com/show_bug.cgi?id=1193983 * https://bugzilla.suse.com/show_bug.cgi?id=1196869 * https://bugzilla.suse.com/show_bug.cgi?id=1200313 * https://bugzilla.suse.com/show_bug.cgi?id=1201308 * https://bugzilla.suse.com/show_bug.cgi?id=1201489 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1209798 * https://bugzilla.suse.com/show_bug.cgi?id=1211592 * https://bugzilla.suse.com/show_bug.cgi?id=1215304 * https://bugzilla.suse.com/show_bug.cgi?id=1216702 * https://bugzilla.suse.com/show_bug.cgi?id=1217169 * https://bugzilla.suse.com/show_bug.cgi?id=1218447 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1222721 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1223481 * https://bugzilla.suse.com/show_bug.cgi?id=1223501 * https://bugzilla.suse.com/show_bug.cgi?id=1223512 * https://bugzilla.suse.com/show_bug.cgi?id=1223520 * https://bugzilla.suse.com/show_bug.cgi?id=1223894 * https://bugzilla.suse.com/show_bug.cgi?id=1223921 * https://bugzilla.suse.com/show_bug.cgi?id=1223922 * https://bugzilla.suse.com/show_bug.cgi?id=1223923 * https://bugzilla.suse.com/show_bug.cgi?id=1223924 * https://bugzilla.suse.com/show_bug.cgi?id=1223929 * https://bugzilla.suse.com/show_bug.cgi?id=1223931 * https://bugzilla.suse.com/show_bug.cgi?id=1223932 * 
https://bugzilla.suse.com/show_bug.cgi?id=1223934 * https://bugzilla.suse.com/show_bug.cgi?id=1223941 * https://bugzilla.suse.com/show_bug.cgi?id=1223948 * https://bugzilla.suse.com/show_bug.cgi?id=1223952 * https://bugzilla.suse.com/show_bug.cgi?id=1223953 * https://bugzilla.suse.com/show_bug.cgi?id=1223957 * https://bugzilla.suse.com/show_bug.cgi?id=1223962 * https://bugzilla.suse.com/show_bug.cgi?id=1223963 * https://bugzilla.suse.com/show_bug.cgi?id=1223964 * https://bugzilla.suse.com/show_bug.cgi?id=1223996 * https://bugzilla.suse.com/show_bug.cgi?id=1224099 * https://bugzilla.suse.com/show_bug.cgi?id=1224482 * https://bugzilla.suse.com/show_bug.cgi?id=1224511 * https://bugzilla.suse.com/show_bug.cgi?id=1224592 * https://bugzilla.suse.com/show_bug.cgi?id=1224685 * https://bugzilla.suse.com/show_bug.cgi?id=1224730 * https://bugzilla.suse.com/show_bug.cgi?id=1224816 * https://bugzilla.suse.com/show_bug.cgi?id=1224895 * https://bugzilla.suse.com/show_bug.cgi?id=1224898 * https://bugzilla.suse.com/show_bug.cgi?id=1224900 * https://bugzilla.suse.com/show_bug.cgi?id=1224901 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1232436 * https://bugzilla.suse.com/show_bug.cgi?id=1233070 * https://bugzilla.suse.com/show_bug.cgi?id=1233642 * https://bugzilla.suse.com/show_bug.cgi?id=1234281 * https://bugzilla.suse.com/show_bug.cgi?id=1234282 * https://bugzilla.suse.com/show_bug.cgi?id=1234846 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234921 * https://bugzilla.suse.com/show_bug.cgi?id=1234960 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235004 * https://bugzilla.suse.com/show_bug.cgi?id=1235035 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235056 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * 
https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235220 * https://bugzilla.suse.com/show_bug.cgi?id=1235224 * https://bugzilla.suse.com/show_bug.cgi?id=1235246 * https://bugzilla.suse.com/show_bug.cgi?id=1235507 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jan 24 12:31:22 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 24 Jan 2025 12:31:22 -0000 Subject: SUSE-SU-2025:0230-1: important: Security update for the Linux Kernel Message-ID: <173772188213.27013.13911614784183448422@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0230-1 Release Date: 2025-01-24T10:10:41Z Rating: important References: * bsc#1215304 * bsc#1220927 * bsc#1220937 * bsc#1230697 * bsc#1232436 * bsc#1234281 * bsc#1234690 * bsc#1234846 * bsc#1234853 * bsc#1234891 * bsc#1234921 * bsc#1234963 * bsc#1235004 * bsc#1235054 * bsc#1235056 * bsc#1235061 * bsc#1235073 * bsc#1235246 * bsc#1235480 * bsc#1235584 Cross-References: * CVE-2022-49035 * CVE-2023-52524 * CVE-2024-53142 * CVE-2024-53144 * CVE-2024-53146 * CVE-2024-53156 * CVE-2024-53173 * CVE-2024-53179 * CVE-2024-53214 * CVE-2024-53239 * CVE-2024-53240 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56631 * CVE-2024-56704 * CVE-2024-8805 CVSS scores: * CVE-2022-49035 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49035 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49035 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53142 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53144 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53179 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56631 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56631 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56631 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56704 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56704 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves 18 vulnerabilities and has two security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-49035: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE (bsc#1215304). * CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). * CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). * CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). * CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). * CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). 
* CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). * CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). * CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). * CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480). * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584). The following non-security bugs were fixed: * net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-230=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-230=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-230=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (nosrc x86_64) * kernel-rt-5.3.18-150300.197.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * kernel-rt-debugsource-5.3.18-150300.197.1 * kernel-rt-debuginfo-5.3.18-150300.197.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * kernel-source-rt-5.3.18-150300.197.1 * SUSE Linux Enterprise Micro 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.197.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * kernel-rt-debugsource-5.3.18-150300.197.1 * kernel-rt-debuginfo-5.3.18-150300.197.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * kernel-source-rt-5.3.18-150300.197.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.197.1 * SUSE Linux Enterprise Micro for 
Rancher 5.2 (x86_64) * kernel-rt-debugsource-5.3.18-150300.197.1 * kernel-rt-debuginfo-5.3.18-150300.197.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * kernel-source-rt-5.3.18-150300.197.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49035.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2024-53142.html * https://www.suse.com/security/cve/CVE-2024-53144.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53179.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-53240.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56604.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56631.html * https://www.suse.com/security/cve/CVE-2024-56704.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1215304 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220937 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1232436 * https://bugzilla.suse.com/show_bug.cgi?id=1234281 * https://bugzilla.suse.com/show_bug.cgi?id=1234690 * https://bugzilla.suse.com/show_bug.cgi?id=1234846 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234921 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235004 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * 
https://bugzilla.suse.com/show_bug.cgi?id=1235056 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235246 * https://bugzilla.suse.com/show_bug.cgi?id=1235480 * https://bugzilla.suse.com/show_bug.cgi?id=1235584
From null at suse.de Fri Jan 24 12:32:55 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 24 Jan 2025 12:32:55 -0000 Subject: SUSE-SU-2025:0229-1: important: Security update for the Linux Kernel Message-ID: <173772197557.27013.15803678725786967035@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0229-1 Release Date: 2025-01-24T10:10:27Z Rating: important References: * bsc#1135481 * bsc#1170891 * bsc#1171420 * bsc#1173139 * bsc#1175543 * bsc#1181006 * bsc#1185010 * bsc#1187211 * bsc#1187619 * bsc#1188412 * bsc#1188616 * bsc#1188700 * bsc#1188983 * bsc#1188985 * bsc#1189760 * bsc#1189762 * bsc#1189870 * bsc#1189872 * bsc#1190117 * bsc#1190131 * bsc#1190181 * bsc#1190358 * bsc#1190412 * bsc#1190428 * bsc#1203332 * bsc#1205521 * bsc#1209288 * bsc#1209798 * bsc#1211593 * bsc#1211595 * bsc#1215304 * bsc#1216813 * bsc#1216909 * bsc#1219608 * bsc#1222878 * bsc#1223044 * bsc#1225758 * bsc#1225820 * bsc#1226694 * bsc#1228190 * bsc#1229809 * bsc#1230422 * bsc#1230697 * bsc#1231388 * bsc#1231453 * bsc#1231854 * bsc#1232045 * bsc#1232157 * bsc#1232166 * bsc#1232419 * bsc#1232436 * bsc#1232472 * bsc#1232823 * bsc#1233038 * bsc#1233050 * bsc#1233070 * bsc#1233096 * bsc#1233127 * bsc#1233200 * bsc#1233239 * bsc#1233324 * bsc#1233467 * bsc#1233468 * bsc#1233469 * bsc#1233485 * bsc#1233547 * bsc#1233550 * bsc#1233558 * bsc#1233564 * bsc#1233568 * bsc#1233637 * bsc#1233701 * bsc#1233769 * bsc#1233837 * bsc#1234072 * bsc#1234073 * bsc#1234075 * bsc#1234076 * bsc#1234077 * bsc#1234087 * bsc#1234120 * bsc#1234156 * bsc#1234219 * bsc#1234220 *
bsc#1234240 * bsc#1234241 * bsc#1234281 * bsc#1234282 * bsc#1234294 * bsc#1234338 * bsc#1234357 * bsc#1234437 * bsc#1234464 * bsc#1234605 * bsc#1234639 * bsc#1234650 * bsc#1234727 * bsc#1234811 * bsc#1234827 * bsc#1234834 * bsc#1234843 * bsc#1234846 * bsc#1234853 * bsc#1234856 * bsc#1234891 * bsc#1234912 * bsc#1234920 * bsc#1234921 * bsc#1234960 * bsc#1234963 * bsc#1234971 * bsc#1234973 * bsc#1235004 * bsc#1235035 * bsc#1235037 * bsc#1235039 * bsc#1235054 * bsc#1235056 * bsc#1235061 * bsc#1235073 * bsc#1235220 * bsc#1235224 * bsc#1235246 * bsc#1235507 Cross-References: * CVE-2020-12770 * CVE-2021-34556 * CVE-2021-35477 * CVE-2021-38160 * CVE-2021-47202 * CVE-2022-36280 * CVE-2022-48742 * CVE-2022-49033 * CVE-2022-49035 * CVE-2023-1382 * CVE-2023-33951 * CVE-2023-33952 * CVE-2023-52920 * CVE-2024-24860 * CVE-2024-26886 * CVE-2024-26924 * CVE-2024-36915 * CVE-2024-42232 * CVE-2024-44934 * CVE-2024-47666 * CVE-2024-47678 * CVE-2024-49944 * CVE-2024-49952 * CVE-2024-50018 * CVE-2024-50143 * CVE-2024-50154 * CVE-2024-50166 * CVE-2024-50181 * CVE-2024-50202 * CVE-2024-50211 * CVE-2024-50256 * CVE-2024-50262 * CVE-2024-50278 * CVE-2024-50279 * CVE-2024-50280 * CVE-2024-50296 * CVE-2024-53051 * CVE-2024-53055 * CVE-2024-53056 * CVE-2024-53064 * CVE-2024-53072 * CVE-2024-53090 * CVE-2024-53101 * CVE-2024-53113 * CVE-2024-53114 * CVE-2024-53119 * CVE-2024-53120 * CVE-2024-53122 * CVE-2024-53125 * CVE-2024-53130 * CVE-2024-53131 * CVE-2024-53142 * CVE-2024-53146 * CVE-2024-53150 * CVE-2024-53156 * CVE-2024-53157 * CVE-2024-53158 * CVE-2024-53161 * CVE-2024-53162 * CVE-2024-53173 * CVE-2024-53179 * CVE-2024-53206 * CVE-2024-53210 * CVE-2024-53213 * CVE-2024-53214 * CVE-2024-53239 * CVE-2024-53240 * CVE-2024-53241 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56549 * CVE-2024-56570 * CVE-2024-56571 * CVE-2024-56575 * CVE-2024-56598 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56619 * CVE-2024-56755 * CVE-2024-8805 CVSS scores: * CVE-2020-12770 ( SUSE ): 6.1 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2020-12770 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-34556 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-34556 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-35477 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2021-35477 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-38160 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-38160 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-36280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-36280 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H * CVE-2022-48742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48742 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49033 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49033 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49035 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49035 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49035 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1382 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1382 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-33951 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L * CVE-2023-33951 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2023-33952 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-33952 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52920 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24860 ( NVD ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26886 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26924 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36915 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47666 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47666 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47666 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47678 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47678 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-49944 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49944 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49952 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49952 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50018 ( SUSE ): 3.3 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50143 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50143 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50143 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50166 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50181 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50181 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50211 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50211 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50256 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50256 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50262 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50262 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * 
CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50278 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2024-50278 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50279 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50279 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50296 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50296 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53051 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53055 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53056 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53072 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53101 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53101 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53113 ( 
NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53114 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53119 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53122 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53125 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53131 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53142 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53150 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53150 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53157 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53157 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-53161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53161 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53179 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53206 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53206 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53210 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53213 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53213 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53213 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53241 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53241 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56549 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56549 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56549 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56570 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56570 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56571 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56571 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56575 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56598 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56598 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 
* CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56619 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56619 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56755 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56755 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56755 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves 80 vulnerabilities and has 44 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332). * CVE-2022-48742: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (bsc#1226694). * CVE-2022-49033: btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() (bsc#1232045). * CVE-2023-1382: Fixed denial of service in tipc_conn_close (bsc#1209288). * CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823). * CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044). * CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820). 
* CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). * CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809). * CVE-2024-47666: scsi: pm80xx: Set phy->enable_completion only when we wait for it (bsc#1231453). * CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854). * CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166). * CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157). * CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419). * CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038). * CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050). * CVE-2024-50181: clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (bsc#1233127). * CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324). * CVE-2024-50211: udf: refactor inode_bmap() to handle error (bsc#1233096). * CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200). * CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239). * CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485). * CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547). * CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550). * CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568). * CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558). * CVE-2024-53072: platform/x86/amd/pmc: Detect when STB is not available (bsc#1233564). * CVE-2024-53090: afs: Fix lock recursion (bsc#1233637). * CVE-2024-53101: fs: Fix uninitialized value issue in from_kuid and from_kgid (bsc#1233769). 
* CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077). * CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072). * CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073). * CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156). * CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219). * CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220). * CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). * CVE-2024-53150: ALSA: usb-audio: Fix out of bounds reads when finding clock sources (bsc#1234834). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). * CVE-2024-53157: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (bsc#1234827). * CVE-2024-53158: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (bsc#1234811). * CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856). * CVE-2024-53162: crypto: qat/qat_4xxx - fix off by one in uof_get_name() (bsc#1234843). * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). * CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). * CVE-2024-53210: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (bsc#1234971). * CVE-2024-53213: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (bsc#1234973). * CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). * CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). * CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). 
* CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (bsc#1234282). * CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). * CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). * CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912). * CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035). * CVE-2024-56571: media: uvcvideo: Require entities to have a non-zero unique ID (bsc#1235037). * CVE-2024-56575: media: imx-jpeg: Ensure power suppliers be suspended before detach them (bsc#1235039). * CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220). * CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). * CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). * CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224). * CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920). The following non-security bugs were fixed: * ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294) * amd_hsmp: Add HSMP protocol version 5 messages (jsc#PED-1295). * arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes). * arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes). * arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes). * arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator (git-fixes). * arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion (git-fixes). * arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes).
* arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605) * autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes). * autofs: use flexible array in ioctl structure (git-fixes). * devlink: allow registering parameters after the instance (bsc#1231388 bsc#1230422). * devlink: do not require setting features before registration (bsc#1231388 bsc#1230422). * dma-fence: Fix reference leak on fence merge failure path (git-fixes). * dmaengine: idxd: add wq driver name support for accel-config user tool (bsc#1234357). * dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357). * Documentation: Add x86/amd_hsmp driver (jsc#PED-1295). * Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git- fixes). * drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes). * drm/v3d: Enable Performance Counters before clearing them (git-fixes). * exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes). * hfsplus: do not query the device logical block size multiple times (git- fixes). * idpf: add support for SW triggered interrupts (bsc#1235507). * idpf: enable WB_ON_ITR (bsc#1235507). * idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507). * ipc/sem: Fix dangling sem_array access in semtimedop race (bsc#1234727). * jffs2: Fix rtime decompressor (git-fixes). * jffs2: fix use of uninitialized variable (git-fixes). * jffs2: Prevent rtime decompress memory corruption (git-fixes). * jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git- fixes). * jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes). * jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes). * jfs: fix shift-out-of-bounds in dbSplit (git-fixes). * jfs: xattr: check invalid xattr size more strictly (git-fixes). * kabi/severities: ignore intermodule symbols between fsl_fman and fsl_dpaa_eth * kobject: Add sanity check for kset->kobj.ktype in kset_register() (bsc#1234639). 
* KVM: x86: fix sending PV IPI (git-fixes). * memory: tegra: Add API for retrieving carveout bounds (jsc#PED-1763). * mm/kfence: reset PG_slab and memcg_data before freeing __kfence_pool (bsc#1234120). * mmc: core: Further prevent card detect during shutdown (git-fixes). * net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246). * net/ipv6: release expired exception dst cached in socket (bsc#1216813). * NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git- fixes). * NFSD: Fix nfsd4_shutdown_copy() (git-fixes). * nfsd: make sure exp active before svc_export_show (git-fixes). * NFSD: Move fill_pre_wcc() and fill_post_wcc() (bsc#1234650 bsc#1233701 bsc#1232472). * NFSD: Prevent a potential integer overflow (git-fixes). * NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes). * NFSD: reduce locking in nfsd_lookup() (bsc#1234650 bsc#1233701 bsc#1232472). * nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234650 bsc#1233701 bsc#1232472). * nfsd: restore callback functionality for NFSv4.0 (git-fixes). * NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git- fixes). * nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes). * nilfs2: prevent use of deleted inode (git-fixes). * ocfs2: uncache inode which has failed entering the group (bsc#1234087). * PCI: vmd: Fix secondary bus reset for Intel bridges (git-fixes). * phy: tegra: p2u: Set ENABLE_L2_EXIT_RATE_CHANGE in calibration (jsc#PED-1763). * platform/x86: Add AMD system management interface (jsc#PED-1295). * proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git- fixes). * pwm: tegra: Improve required rate calculation (jsc#PED-1763). * RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git- fixes) * regmap: detach regmap from dev on regmap_exit (git-fixes). * scatterlist: fix incorrect func name in kernel-doc (git-fixes). 
* scripts/git_sort/git_sort.py: add tegra DRM and linux-pwm repo * scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes). * serial: tegra: Read DMA status before terminating (jsc#PED-1763). * smb: client: fix TCP timers deadlock after rmmod (git-fixes) (bsc#1233642). * spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes). * SUNRPC: make sure cache entry active before cache_show (git-fixes). * sunrpc: simplify two-level sysctl registration for svcrdma_parm_table (git- fixes). * svcrdma: Address an integer overflow (git-fixes). * svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git- fixes). * tpm_tis_spi: Release chip select when flow control fails (bsc#1234338) * ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git- fixes). * ubifs: Correct the total block count by deducting journal reservation (git- fixes). * udf: Handle error when adding extent to a file (bsc#1234437). * udf: refactor udf_current_aext() to handle error (bsc#1234240). * udf: refactor udf_next_aext() to handle error (bsc#1234241). * usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes). * usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git- fixes). * x86: Annotate call_on_stack() (git-fixes). * x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes). * x86/fpu: Remove unused supervisor only offsets (git-fixes). * x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes). * x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes). * x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes). * x86/mce: Allow instrumentation during task work queueing (git-fixes). * x86/mce: Mark mce_end() noinstr (git-fixes). * x86/mce: Mark mce_panic() noinstr (git-fixes). * x86/mce: Mark mce_read_aux() noinstr (git-fixes). * x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes). 
* x86/mm: Flush global TLB when switching to trampoline page-table (git- fixes). * x86/sgx: Free backing memory after faulting the enclave page (git-fixes). * x86/sgx: Silence softlockup detection when releasing large enclaves (git- fixes). * x86/uaccess: Move variable into switch case statement (git-fixes). * xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909). * zonefs: fix zone report size in __zonefs_io_error() (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-229=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-229=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-devel-rt-5.14.21-150500.13.82.1 * kernel-source-rt-5.14.21-150500.13.82.1 * openSUSE Leap 15.5 (x86_64) * ocfs2-kmp-rt-5.14.21-150500.13.82.1 * kernel-rt_debug-vdso-5.14.21-150500.13.82.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.82.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.82.1 * kernel-rt-livepatch-5.14.21-150500.13.82.1 * kernel-rt-extra-5.14.21-150500.13.82.1 * kernel-rt-optional-5.14.21-150500.13.82.1 * kernel-rt_debug-devel-5.14.21-150500.13.82.1 * cluster-md-kmp-rt-5.14.21-150500.13.82.1 * kernel-rt-debugsource-5.14.21-150500.13.82.1 * kernel-rt-vdso-5.14.21-150500.13.82.1 * kernel-syms-rt-5.14.21-150500.13.82.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.82.1 * gfs2-kmp-rt-5.14.21-150500.13.82.1 * kselftests-kmp-rt-5.14.21-150500.13.82.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.82.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.82.1 * reiserfs-kmp-rt-5.14.21-150500.13.82.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.82.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.82.1 * dlm-kmp-rt-5.14.21-150500.13.82.1 * 
kselftests-kmp-rt-debuginfo-5.14.21-150500.13.82.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.82.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.82.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.82.1 * kernel-rt-debuginfo-5.14.21-150500.13.82.1 * kernel-rt-devel-5.14.21-150500.13.82.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.82.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.82.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.82.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.82.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.82.1 * kernel-rt_debug-5.14.21-150500.13.82.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.82.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.82.1 * kernel-rt-debugsource-5.14.21-150500.13.82.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.82.1 ## References: * https://www.suse.com/security/cve/CVE-2020-12770.html * https://www.suse.com/security/cve/CVE-2021-34556.html * https://www.suse.com/security/cve/CVE-2021-35477.html * https://www.suse.com/security/cve/CVE-2021-38160.html * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2022-36280.html * https://www.suse.com/security/cve/CVE-2022-48742.html * https://www.suse.com/security/cve/CVE-2022-49033.html * https://www.suse.com/security/cve/CVE-2022-49035.html * https://www.suse.com/security/cve/CVE-2023-1382.html * https://www.suse.com/security/cve/CVE-2023-33951.html * https://www.suse.com/security/cve/CVE-2023-33952.html * https://www.suse.com/security/cve/CVE-2023-52920.html * https://www.suse.com/security/cve/CVE-2024-24860.html * https://www.suse.com/security/cve/CVE-2024-26886.html * https://www.suse.com/security/cve/CVE-2024-26924.html * https://www.suse.com/security/cve/CVE-2024-36915.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-44934.html * 
https://www.suse.com/security/cve/CVE-2024-47666.html * https://www.suse.com/security/cve/CVE-2024-47678.html * https://www.suse.com/security/cve/CVE-2024-49944.html * https://www.suse.com/security/cve/CVE-2024-49952.html * https://www.suse.com/security/cve/CVE-2024-50018.html * https://www.suse.com/security/cve/CVE-2024-50143.html * https://www.suse.com/security/cve/CVE-2024-50154.html * https://www.suse.com/security/cve/CVE-2024-50166.html * https://www.suse.com/security/cve/CVE-2024-50181.html * https://www.suse.com/security/cve/CVE-2024-50202.html * https://www.suse.com/security/cve/CVE-2024-50211.html * https://www.suse.com/security/cve/CVE-2024-50256.html * https://www.suse.com/security/cve/CVE-2024-50262.html * https://www.suse.com/security/cve/CVE-2024-50278.html * https://www.suse.com/security/cve/CVE-2024-50279.html * https://www.suse.com/security/cve/CVE-2024-50280.html * https://www.suse.com/security/cve/CVE-2024-50296.html * https://www.suse.com/security/cve/CVE-2024-53051.html * https://www.suse.com/security/cve/CVE-2024-53055.html * https://www.suse.com/security/cve/CVE-2024-53056.html * https://www.suse.com/security/cve/CVE-2024-53064.html * https://www.suse.com/security/cve/CVE-2024-53072.html * https://www.suse.com/security/cve/CVE-2024-53090.html * https://www.suse.com/security/cve/CVE-2024-53101.html * https://www.suse.com/security/cve/CVE-2024-53113.html * https://www.suse.com/security/cve/CVE-2024-53114.html * https://www.suse.com/security/cve/CVE-2024-53119.html * https://www.suse.com/security/cve/CVE-2024-53120.html * https://www.suse.com/security/cve/CVE-2024-53122.html * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-53130.html * https://www.suse.com/security/cve/CVE-2024-53131.html * https://www.suse.com/security/cve/CVE-2024-53142.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53150.html * 
https://www.suse.com/security/cve/CVE-2024-53156.html * https://www.suse.com/security/cve/CVE-2024-53157.html * https://www.suse.com/security/cve/CVE-2024-53158.html * https://www.suse.com/security/cve/CVE-2024-53161.html * https://www.suse.com/security/cve/CVE-2024-53162.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53179.html * https://www.suse.com/security/cve/CVE-2024-53206.html * https://www.suse.com/security/cve/CVE-2024-53210.html * https://www.suse.com/security/cve/CVE-2024-53213.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-53240.html * https://www.suse.com/security/cve/CVE-2024-53241.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56549.html * https://www.suse.com/security/cve/CVE-2024-56570.html * https://www.suse.com/security/cve/CVE-2024-56571.html * https://www.suse.com/security/cve/CVE-2024-56575.html * https://www.suse.com/security/cve/CVE-2024-56598.html * https://www.suse.com/security/cve/CVE-2024-56604.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56619.html * https://www.suse.com/security/cve/CVE-2024-56755.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1135481 * https://bugzilla.suse.com/show_bug.cgi?id=1170891 * https://bugzilla.suse.com/show_bug.cgi?id=1171420 * https://bugzilla.suse.com/show_bug.cgi?id=1173139 * https://bugzilla.suse.com/show_bug.cgi?id=1175543 * https://bugzilla.suse.com/show_bug.cgi?id=1181006 * https://bugzilla.suse.com/show_bug.cgi?id=1185010 * https://bugzilla.suse.com/show_bug.cgi?id=1187211 * https://bugzilla.suse.com/show_bug.cgi?id=1187619 * https://bugzilla.suse.com/show_bug.cgi?id=1188412 * 
https://bugzilla.suse.com/show_bug.cgi?id=1188616 * https://bugzilla.suse.com/show_bug.cgi?id=1188700 * https://bugzilla.suse.com/show_bug.cgi?id=1188983 * https://bugzilla.suse.com/show_bug.cgi?id=1188985 * https://bugzilla.suse.com/show_bug.cgi?id=1189760 * https://bugzilla.suse.com/show_bug.cgi?id=1189762 * https://bugzilla.suse.com/show_bug.cgi?id=1189870 * https://bugzilla.suse.com/show_bug.cgi?id=1189872 * https://bugzilla.suse.com/show_bug.cgi?id=1190117 * https://bugzilla.suse.com/show_bug.cgi?id=1190131 * https://bugzilla.suse.com/show_bug.cgi?id=1190181 * https://bugzilla.suse.com/show_bug.cgi?id=1190358 * https://bugzilla.suse.com/show_bug.cgi?id=1190412 * https://bugzilla.suse.com/show_bug.cgi?id=1190428 * https://bugzilla.suse.com/show_bug.cgi?id=1203332 * https://bugzilla.suse.com/show_bug.cgi?id=1205521 * https://bugzilla.suse.com/show_bug.cgi?id=1209288 * https://bugzilla.suse.com/show_bug.cgi?id=1209798 * https://bugzilla.suse.com/show_bug.cgi?id=1211593 * https://bugzilla.suse.com/show_bug.cgi?id=1211595 * https://bugzilla.suse.com/show_bug.cgi?id=1215304 * https://bugzilla.suse.com/show_bug.cgi?id=1216813 * https://bugzilla.suse.com/show_bug.cgi?id=1216909 * https://bugzilla.suse.com/show_bug.cgi?id=1219608 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1223044 * https://bugzilla.suse.com/show_bug.cgi?id=1225758 * https://bugzilla.suse.com/show_bug.cgi?id=1225820 * https://bugzilla.suse.com/show_bug.cgi?id=1226694 * https://bugzilla.suse.com/show_bug.cgi?id=1228190 * https://bugzilla.suse.com/show_bug.cgi?id=1229809 * https://bugzilla.suse.com/show_bug.cgi?id=1230422 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1231388 * https://bugzilla.suse.com/show_bug.cgi?id=1231453 * https://bugzilla.suse.com/show_bug.cgi?id=1231854 * https://bugzilla.suse.com/show_bug.cgi?id=1232045 * https://bugzilla.suse.com/show_bug.cgi?id=1232157 * 
https://bugzilla.suse.com/show_bug.cgi?id=1232166 * https://bugzilla.suse.com/show_bug.cgi?id=1232419 * https://bugzilla.suse.com/show_bug.cgi?id=1232436 * https://bugzilla.suse.com/show_bug.cgi?id=1232472 * https://bugzilla.suse.com/show_bug.cgi?id=1232823 * https://bugzilla.suse.com/show_bug.cgi?id=1233038 * https://bugzilla.suse.com/show_bug.cgi?id=1233050 * https://bugzilla.suse.com/show_bug.cgi?id=1233070 * https://bugzilla.suse.com/show_bug.cgi?id=1233096 * https://bugzilla.suse.com/show_bug.cgi?id=1233127 * https://bugzilla.suse.com/show_bug.cgi?id=1233200 * https://bugzilla.suse.com/show_bug.cgi?id=1233239 * https://bugzilla.suse.com/show_bug.cgi?id=1233324 * https://bugzilla.suse.com/show_bug.cgi?id=1233467 * https://bugzilla.suse.com/show_bug.cgi?id=1233468 * https://bugzilla.suse.com/show_bug.cgi?id=1233469 * https://bugzilla.suse.com/show_bug.cgi?id=1233485 * https://bugzilla.suse.com/show_bug.cgi?id=1233547 * https://bugzilla.suse.com/show_bug.cgi?id=1233550 * https://bugzilla.suse.com/show_bug.cgi?id=1233558 * https://bugzilla.suse.com/show_bug.cgi?id=1233564 * https://bugzilla.suse.com/show_bug.cgi?id=1233568 * https://bugzilla.suse.com/show_bug.cgi?id=1233637 * https://bugzilla.suse.com/show_bug.cgi?id=1233701 * https://bugzilla.suse.com/show_bug.cgi?id=1233769 * https://bugzilla.suse.com/show_bug.cgi?id=1233837 * https://bugzilla.suse.com/show_bug.cgi?id=1234072 * https://bugzilla.suse.com/show_bug.cgi?id=1234073 * https://bugzilla.suse.com/show_bug.cgi?id=1234075 * https://bugzilla.suse.com/show_bug.cgi?id=1234076 * https://bugzilla.suse.com/show_bug.cgi?id=1234077 * https://bugzilla.suse.com/show_bug.cgi?id=1234087 * https://bugzilla.suse.com/show_bug.cgi?id=1234120 * https://bugzilla.suse.com/show_bug.cgi?id=1234156 * https://bugzilla.suse.com/show_bug.cgi?id=1234219 * https://bugzilla.suse.com/show_bug.cgi?id=1234220 * https://bugzilla.suse.com/show_bug.cgi?id=1234240 * https://bugzilla.suse.com/show_bug.cgi?id=1234241 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234281 * https://bugzilla.suse.com/show_bug.cgi?id=1234282 * https://bugzilla.suse.com/show_bug.cgi?id=1234294 * https://bugzilla.suse.com/show_bug.cgi?id=1234338 * https://bugzilla.suse.com/show_bug.cgi?id=1234357 * https://bugzilla.suse.com/show_bug.cgi?id=1234437 * https://bugzilla.suse.com/show_bug.cgi?id=1234464 * https://bugzilla.suse.com/show_bug.cgi?id=1234605 * https://bugzilla.suse.com/show_bug.cgi?id=1234639 * https://bugzilla.suse.com/show_bug.cgi?id=1234650 * https://bugzilla.suse.com/show_bug.cgi?id=1234727 * https://bugzilla.suse.com/show_bug.cgi?id=1234811 * https://bugzilla.suse.com/show_bug.cgi?id=1234827 * https://bugzilla.suse.com/show_bug.cgi?id=1234834 * https://bugzilla.suse.com/show_bug.cgi?id=1234843 * https://bugzilla.suse.com/show_bug.cgi?id=1234846 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234856 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234912 * https://bugzilla.suse.com/show_bug.cgi?id=1234920 * https://bugzilla.suse.com/show_bug.cgi?id=1234921 * https://bugzilla.suse.com/show_bug.cgi?id=1234960 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1234971 * https://bugzilla.suse.com/show_bug.cgi?id=1234973 * https://bugzilla.suse.com/show_bug.cgi?id=1235004 * https://bugzilla.suse.com/show_bug.cgi?id=1235035 * https://bugzilla.suse.com/show_bug.cgi?id=1235037 * https://bugzilla.suse.com/show_bug.cgi?id=1235039 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235056 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235220 * https://bugzilla.suse.com/show_bug.cgi?id=1235224 * https://bugzilla.suse.com/show_bug.cgi?id=1235246 * https://bugzilla.suse.com/show_bug.cgi?id=1235507

From null at suse.de Fri Jan 24 16:30:08 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 24 Jan 2025 16:30:08 -0000
Subject: SUSE-SU-2025:0232-1: important: Security update for nodejs20
Message-ID: <173773620820.6385.6431583038594775742@smelt2.prg2.suse.org>

# Security update for nodejs20

Announcement ID: SUSE-SU-2025:0232-1
Release Date: 2025-01-24T14:33:49Z
Rating: important

References:

* bsc#1236250
* bsc#1236251
* bsc#1236258

Cross-References:

* CVE-2025-22150
* CVE-2025-23083
* CVE-2025-23085

CVSS scores:

* CVE-2025-22150 ( SUSE ): 7.4 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-22150 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-22150 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-23083 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-23083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-23083 ( NVD ): 7.7 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-23085 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-23085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves three vulnerabilities can now be installed.
## Description:

This update for nodejs20 fixes the following issues:

Update to 20.18.2:

* CVE-2025-23083: Fixed worker permission bypass via InternalWorker leak in diagnostics (bsc#1236251)
* CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERR_PROTO (bsc#1236250)
* CVE-2025-22150: Fixed insufficiently random values used when defining the boundary for a multipart/form-data request in undici (bsc#1236258)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2025-232=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-232=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-232=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-232=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-232=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
  * nodejs20-debugsource-20.18.2-150500.11.18.1
  * npm20-20.18.2-150500.11.18.1
  * nodejs20-devel-20.18.2-150500.11.18.1
  * nodejs20-debuginfo-20.18.2-150500.11.18.1
  * nodejs20-20.18.2-150500.11.18.1
  * corepack20-20.18.2-150500.11.18.1
* openSUSE Leap 15.5 (noarch)
  * nodejs20-docs-20.18.2-150500.11.18.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * nodejs20-debugsource-20.18.2-150500.11.18.1
  * npm20-20.18.2-150500.11.18.1
  * nodejs20-devel-20.18.2-150500.11.18.1
  * nodejs20-debuginfo-20.18.2-150500.11.18.1
  * nodejs20-20.18.2-150500.11.18.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
  * nodejs20-docs-20.18.2-150500.11.18.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * nodejs20-debugsource-20.18.2-150500.11.18.1
  * npm20-20.18.2-150500.11.18.1
  * nodejs20-devel-20.18.2-150500.11.18.1
  * nodejs20-debuginfo-20.18.2-150500.11.18.1
  * nodejs20-20.18.2-150500.11.18.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
  * nodejs20-docs-20.18.2-150500.11.18.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * nodejs20-debugsource-20.18.2-150500.11.18.1
  * npm20-20.18.2-150500.11.18.1
  * nodejs20-devel-20.18.2-150500.11.18.1
  * nodejs20-debuginfo-20.18.2-150500.11.18.1
  * nodejs20-20.18.2-150500.11.18.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
  * nodejs20-docs-20.18.2-150500.11.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * nodejs20-debugsource-20.18.2-150500.11.18.1
  * npm20-20.18.2-150500.11.18.1
  * nodejs20-devel-20.18.2-150500.11.18.1
  * nodejs20-debuginfo-20.18.2-150500.11.18.1
  * nodejs20-20.18.2-150500.11.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
  * nodejs20-docs-20.18.2-150500.11.18.1

## References:

* https://www.suse.com/security/cve/CVE-2025-22150.html
* https://www.suse.com/security/cve/CVE-2025-23083.html
* https://www.suse.com/security/cve/CVE-2025-23085.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236250
* https://bugzilla.suse.com/show_bug.cgi?id=1236251
* https://bugzilla.suse.com/show_bug.cgi?id=1236258

From null at suse.de Fri Jan 24 20:31:15 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 24 Jan 2025 20:31:15 -0000
Subject: SUSE-SU-2025:0236-1: important: Security update for the Linux Kernel
Message-ID: <173775067516.30301.9927246579742229567@smelt2.prg2.suse.org>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0236-1
Release Date: 2025-01-24T17:02:47Z
Rating: important

References:

* bsc#1117016
* bsc#1168202
* bsc#1188924
* bsc#1215304
* bsc#1220148
* bsc#1223635
* bsc#1224697
* bsc#1225725
* bsc#1225730
* bsc#1226694
* bsc#1226748
* bsc#1226872
* bsc#1228405
* bsc#1230697
* bsc#1230766
* bsc#1231453
* bsc#1231854
* bsc#1231877
* bsc#1231909
* bsc#1232045
* bsc#1232048
* bsc#1232166
* bsc#1232224
* bsc#1233038
* bsc#1233050
* bsc#1233055
* bsc#1233096
* bsc#1233112
* bsc#1233200
* bsc#1233204
* bsc#1233239
* bsc#1233467
* bsc#1233469
* bsc#1233476
* bsc#1233488
* bsc#1233551
* bsc#1233769
* bsc#1233977
* bsc#1234087
* bsc#1234161
* bsc#1234240
* bsc#1234241
* bsc#1234242
* bsc#1234243
* bsc#1234281
* bsc#1234381
* bsc#1234437
* bsc#1234690
* bsc#1234827
* bsc#1234834
* bsc#1234846
* bsc#1234853
* bsc#1234891
* bsc#1234898
* bsc#1234921
* bsc#1234922
* bsc#1234923
* bsc#1234971
* bsc#1235004
* bsc#1235009
* bsc#1235031
* bsc#1235035
* bsc#1235054
* bsc#1235056
* bsc#1235057
* bsc#1235061
* bsc#1235073
* bsc#1235075
* bsc#1235125
* bsc#1235138
* bsc#1235249
* bsc#1235415
* bsc#1235416
* bsc#1235417
* bsc#1235427
* bsc#1235433
* bsc#1235480
* bsc#1235577
* bsc#1235584
* bsc#1235708
* bsc#1235759
* bsc#1235814
* bsc#1235888
* bsc#1235918
* bsc#1235920
* bsc#1235952
* bsc#1235964

Cross-References:

* CVE-2022-48742 * CVE-2022-49033 * CVE-2022-49035 * CVE-2023-52434 * CVE-2023-52922 * CVE-2024-26976 * CVE-2024-35847 * CVE-2024-36484 * CVE-2024-36883 * CVE-2024-36886 * CVE-2024-38589 * CVE-2024-41013 * CVE-2024-46771 * CVE-2024-47141 * CVE-2024-47666 * CVE-2024-47678 * CVE-2024-47709 * CVE-2024-49925 * CVE-2024-49944 * 
CVE-2024-50039 * CVE-2024-50143 * CVE-2024-50151 * CVE-2024-50166 * CVE-2024-50199 * CVE-2024-50211 * CVE-2024-50228 * CVE-2024-50256 * CVE-2024-50262 * CVE-2024-50278 * CVE-2024-50280 * CVE-2024-50287 * CVE-2024-50299 * CVE-2024-53057 * CVE-2024-53101 * CVE-2024-53112 * CVE-2024-53136 * CVE-2024-53141 * CVE-2024-53144 * CVE-2024-53146 * CVE-2024-53150 * CVE-2024-53156 * CVE-2024-53157 * CVE-2024-53172 * CVE-2024-53173 * CVE-2024-53179 * CVE-2024-53198 * CVE-2024-53210 * CVE-2024-53214 * CVE-2024-53224 * CVE-2024-53239 * CVE-2024-53240 * CVE-2024-56531 * CVE-2024-56548 * CVE-2024-56551 * CVE-2024-56569 * CVE-2024-56570 * CVE-2024-56587 * CVE-2024-56599 * CVE-2024-5660 * CVE-2024-56603 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56606 * CVE-2024-56616 * CVE-2024-56631 * CVE-2024-56642 * CVE-2024-56664 * CVE-2024-56704 * CVE-2024-56724 * CVE-2024-56756 * CVE-2024-57791 * CVE-2024-57849 * CVE-2024-57887 * CVE-2024-57888 * CVE-2024-57892 * CVE-2024-57893 * CVE-2024-8805 CVSS scores: * CVE-2022-48742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48742 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49033 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49033 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49035 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49035 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49035 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52434 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52434 ( NVD ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52922 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52922 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52922 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26976 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26976 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35847 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35847 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36484 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-36883 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36886 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36886 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38589 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41013 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-46771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46771 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47141 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47141 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47666 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47666 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47666 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47678 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47678 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47709 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47709 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47709 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49925 ( SUSE ): 7.1 
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49925 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49925 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49944 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49944 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50039 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50039 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50143 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50143 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50143 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50151 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-50151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-50151 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50166 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50199 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50211 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50211 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50228 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-50228 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-50228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50256 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50256 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50262 ( SUSE 
): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50262 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50278 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2024-50278 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50287 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50299 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50299 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53057 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53101 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53101 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53112 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53112 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53112 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53136 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53141 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53141 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53141 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53150 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53150 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53157 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53157 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53172 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53172 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53179 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53198 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53198 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-53210 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53210 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53224 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53224 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56531 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56531 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56551 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56551 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56551 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56569 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56569 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56570 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56570 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56587 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56599 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56599 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 
* CVE-2024-56599 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-5660 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56603 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56603 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56606 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56606 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56616 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56631 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56631 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56631 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56642 ( SUSE ): 7.5 CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56642 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56642 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56704 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56704 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56724 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56724 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56756 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56756 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-56756 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57791 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57791 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57849 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57849 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57887 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57887 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57887 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57888 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57888 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57892 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57892 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57892 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( SUSE ): 8.8 
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Availability Extension 12 SP5
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 77 vulnerabilities and has 10 security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2022-48742: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (bsc#1226694).
* CVE-2022-49033: btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() (bsc#1232045).
* CVE-2022-49035: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE (bsc#1215304).
* CVE-2023-52434: Fixed potential OOBs in smb2_parse_contexts() (bsc#1220148).
* CVE-2023-52922: can: bcm: Fix UAF in bcm_proc_show() (bsc#1233977).
* CVE-2024-26976: KVM: Always flush async #PF workqueue when vCPU is being destroyed (bsc#1223635).
* CVE-2024-35847: irqchip/gic-v3-its: Prevent double free on error (bsc#1224697).
* CVE-2024-36883: net: fix out-of-bounds access in ops_init (bsc#1225725).
* CVE-2024-36886: tipc: fix UAF in error path (bsc#1225730).
* CVE-2024-38589: netrom: fix possible dead-lock in nr_rt_ioctl() (bsc#1226748).
* CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405).
* CVE-2024-47141: pinmux: Use sequential access to access desc->pinmux data (bsc#1235708).
* CVE-2024-47666: scsi: pm80xx: Set phy->enable_completion only when we wait for it (bsc#1231453).
* CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854).
* CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166).
* CVE-2024-50039: kABI: Restore deleted EXPORT_SYMBOL(__qdisc_calculate_pkt_len) (bsc#1231909).
* CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038).
* CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request (bsc#1233055).
* CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050).
* CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
* CVE-2024-50211: udf: refactor inode_bmap() to handle error (bsc#1233096).
* CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200).
* CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239).
* CVE-2024-50287: media: v4l2-tpg: prevent the risk of a division by zero (bsc#1233476).
* CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb() (bsc#1233488).
* CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
* CVE-2024-53101: fs: Fix uninitialized value issue in from_kuid and from_kgid (bsc#1233769).
* CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
* CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).
* CVE-2024-53150: ALSA: usb-audio: Fix out of bounds reads when finding clock sources (bsc#1234834).
* CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).
* CVE-2024-53157: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (bsc#1234827).
* CVE-2024-53172: ubi: fastmap: Fix duplicate slab cache names while attaching (bsc#1234898).
* CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).
* CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
* CVE-2024-53198: xen: Fix the issue of resource not being properly released in xenbus_dev_probe() (bsc#1234923).
* CVE-2024-53210: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (bsc#1234971).
* CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
* CVE-2024-53224: RDMA/mlx5: Cancel pkey work before destroying device resources (bsc#1235009).
* CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).
* CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
* CVE-2024-56531: ALSA: caiaq: Use snd_card_free_when_closed() at disconnection (bsc#1235057).
* CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).
* CVE-2024-56551: drm/amdgpu: fix usage slab after free (bsc#1235075).
* CVE-2024-56569: ftrace: Fix regression with module command in stack_trace_filter (bsc#1235031).
* CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035).
* CVE-2024-56587: leds: class: Protect brightness_show() with led_cdev->led_access mutex (bsc#1235125).
* CVE-2024-56599: wifi: ath10k: avoid NULL pointer error during sdio remove (bsc#1235138).
* CVE-2024-56603: net: af_can: do not leave a dangling sk pointer in can_create() (bsc#1235415).
* CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
* CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).
* CVE-2024-56616: drm/dp_mst: Fix MST sideband message body length check (bsc#1235427).
* CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480).
* CVE-2024-56642: tipc: Fix use-after-free of kernel socket in cleanup_bearer() (bsc#1235433).
* CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249).
* CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
* CVE-2024-56724: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device (bsc#1235577).
* CVE-2024-56756: nvme-pci: fix freeing of the HMB descriptor table (bsc#1234922).
* CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759).
* CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling (bsc#1235814).
* CVE-2024-57887: drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (bsc#1235952).
* CVE-2024-57888: workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416 bsc#1235918).
* CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (bsc#1235964).
* CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235920).

The following non-security bugs were fixed:

* SUNRPC: 'Directory with parent 'rpc_clnt' already present!' (bsc#1168202 bsc#1188924).
* SUNRPC: fix use-after-free in rpc_free_client_work() (bsc#1168202 bsc#1188924).
* cifs: fix calc signature on big endian systems (bsc#1235888, bsc#1234921).
* memcg: reduce memcg tree traversals for stats collection (bsc#1231877).
* mm: memory.stat allow preemption (bsc#1231877).
* net: marvell: mvpp2: phylink requires the link interrupt (bsc#1117016).
* smb: client: fix parsing of SMB3.1.1 POSIX create context (git-fixes).
* tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
* udf: Handle error when adding extent to a file (bsc#1234437).
* udf: refactor udf_current_aext() to handle error (bsc#1234240).
* udf: refactor udf_next_aext() to handle error (bsc#1234241).
* workqueue: skip lockdep wq dependency in cancel_work_sync() (bsc#1235918).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2025-236=1 * SUSE Linux Enterprise High Availability Extension 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2025-236=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-236=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-236=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-236=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc) * kernel-default-4.12.14-122.244.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * kernel-default-debuginfo-4.12.14-122.244.1 * kernel-default-debugsource-4.12.14-122.244.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc) * kernel-default-4.12.14-122.244.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64) * kernel-default-debuginfo-4.12.14-122.244.1 * kernel-default-debugsource-4.12.14-122.244.1 * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc) * kernel-default-4.12.14-122.244.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_244-default-1-8.5.1 * kernel-default-debugsource-4.12.14-122.244.1 * kernel-default-kgraft-4.12.14-122.244.1 * kernel-default-debuginfo-4.12.14-122.244.1 * kernel-default-kgraft-devel-4.12.14-122.244.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-base-debuginfo-4.12.14-122.244.1 * kernel-default-devel-4.12.14-122.244.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.244.1 * kernel-default-debugsource-4.12.14-122.244.1 * ocfs2-kmp-default-4.12.14-122.244.1 * dlm-kmp-default-debuginfo-4.12.14-122.244.1 * dlm-kmp-default-4.12.14-122.244.1 * gfs2-kmp-default-4.12.14-122.244.1 * 
cluster-md-kmp-default-4.12.14-122.244.1 * gfs2-kmp-default-debuginfo-4.12.14-122.244.1 * kernel-default-debuginfo-4.12.14-122.244.1 * kernel-default-base-4.12.14-122.244.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.244.1 * kernel-syms-4.12.14-122.244.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.244.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * kernel-macros-4.12.14-122.244.1 * kernel-devel-4.12.14-122.244.1 * kernel-source-4.12.14-122.244.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x) * kernel-default-man-4.12.14-122.244.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.244.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * kernel-default-base-debuginfo-4.12.14-122.244.1 * kernel-default-devel-4.12.14-122.244.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.244.1 * kernel-default-debugsource-4.12.14-122.244.1 * ocfs2-kmp-default-4.12.14-122.244.1 * dlm-kmp-default-debuginfo-4.12.14-122.244.1 * dlm-kmp-default-4.12.14-122.244.1 * gfs2-kmp-default-4.12.14-122.244.1 * cluster-md-kmp-default-4.12.14-122.244.1 * gfs2-kmp-default-debuginfo-4.12.14-122.244.1 * kernel-default-debuginfo-4.12.14-122.244.1 * kernel-default-base-4.12.14-122.244.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.244.1 * kernel-default-devel-debuginfo-4.12.14-122.244.1 * kernel-syms-4.12.14-122.244.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64) * kernel-default-4.12.14-122.244.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * kernel-macros-4.12.14-122.244.1 * kernel-devel-4.12.14-122.244.1 * kernel-source-4.12.14-122.244.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48742.html * https://www.suse.com/security/cve/CVE-2022-49033.html * https://www.suse.com/security/cve/CVE-2022-49035.html * https://www.suse.com/security/cve/CVE-2023-52434.html * 
https://www.suse.com/security/cve/CVE-2023-52922.html * https://www.suse.com/security/cve/CVE-2024-26976.html * https://www.suse.com/security/cve/CVE-2024-35847.html * https://www.suse.com/security/cve/CVE-2024-36484.html * https://www.suse.com/security/cve/CVE-2024-36883.html * https://www.suse.com/security/cve/CVE-2024-36886.html * https://www.suse.com/security/cve/CVE-2024-38589.html * https://www.suse.com/security/cve/CVE-2024-41013.html * https://www.suse.com/security/cve/CVE-2024-46771.html * https://www.suse.com/security/cve/CVE-2024-47141.html * https://www.suse.com/security/cve/CVE-2024-47666.html * https://www.suse.com/security/cve/CVE-2024-47678.html * https://www.suse.com/security/cve/CVE-2024-47709.html * https://www.suse.com/security/cve/CVE-2024-49925.html * https://www.suse.com/security/cve/CVE-2024-49944.html * https://www.suse.com/security/cve/CVE-2024-50039.html * https://www.suse.com/security/cve/CVE-2024-50143.html * https://www.suse.com/security/cve/CVE-2024-50151.html * https://www.suse.com/security/cve/CVE-2024-50166.html * https://www.suse.com/security/cve/CVE-2024-50199.html * https://www.suse.com/security/cve/CVE-2024-50211.html * https://www.suse.com/security/cve/CVE-2024-50228.html * https://www.suse.com/security/cve/CVE-2024-50256.html * https://www.suse.com/security/cve/CVE-2024-50262.html * https://www.suse.com/security/cve/CVE-2024-50278.html * https://www.suse.com/security/cve/CVE-2024-50280.html * https://www.suse.com/security/cve/CVE-2024-50287.html * https://www.suse.com/security/cve/CVE-2024-50299.html * https://www.suse.com/security/cve/CVE-2024-53057.html * https://www.suse.com/security/cve/CVE-2024-53101.html * https://www.suse.com/security/cve/CVE-2024-53112.html * https://www.suse.com/security/cve/CVE-2024-53136.html * https://www.suse.com/security/cve/CVE-2024-53141.html * https://www.suse.com/security/cve/CVE-2024-53144.html * https://www.suse.com/security/cve/CVE-2024-53146.html * 
https://www.suse.com/security/cve/CVE-2024-53150.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://www.suse.com/security/cve/CVE-2024-53157.html * https://www.suse.com/security/cve/CVE-2024-53172.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53179.html * https://www.suse.com/security/cve/CVE-2024-53198.html * https://www.suse.com/security/cve/CVE-2024-53210.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-53224.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-53240.html * https://www.suse.com/security/cve/CVE-2024-56531.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56551.html * https://www.suse.com/security/cve/CVE-2024-56569.html * https://www.suse.com/security/cve/CVE-2024-56570.html * https://www.suse.com/security/cve/CVE-2024-56587.html * https://www.suse.com/security/cve/CVE-2024-56599.html * https://www.suse.com/security/cve/CVE-2024-5660.html * https://www.suse.com/security/cve/CVE-2024-56603.html * https://www.suse.com/security/cve/CVE-2024-56604.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56606.html * https://www.suse.com/security/cve/CVE-2024-56616.html * https://www.suse.com/security/cve/CVE-2024-56631.html * https://www.suse.com/security/cve/CVE-2024-56642.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2024-56704.html * https://www.suse.com/security/cve/CVE-2024-56724.html * https://www.suse.com/security/cve/CVE-2024-56756.html * https://www.suse.com/security/cve/CVE-2024-57791.html * https://www.suse.com/security/cve/CVE-2024-57849.html * https://www.suse.com/security/cve/CVE-2024-57887.html * https://www.suse.com/security/cve/CVE-2024-57888.html * 
https://www.suse.com/security/cve/CVE-2024-57892.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1117016 * https://bugzilla.suse.com/show_bug.cgi?id=1168202 * https://bugzilla.suse.com/show_bug.cgi?id=1188924 * https://bugzilla.suse.com/show_bug.cgi?id=1215304 * https://bugzilla.suse.com/show_bug.cgi?id=1220148 * https://bugzilla.suse.com/show_bug.cgi?id=1223635 * https://bugzilla.suse.com/show_bug.cgi?id=1224697 * https://bugzilla.suse.com/show_bug.cgi?id=1225725 * https://bugzilla.suse.com/show_bug.cgi?id=1225730 * https://bugzilla.suse.com/show_bug.cgi?id=1226694 * https://bugzilla.suse.com/show_bug.cgi?id=1226748 * https://bugzilla.suse.com/show_bug.cgi?id=1226872 * https://bugzilla.suse.com/show_bug.cgi?id=1228405 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1230766 * https://bugzilla.suse.com/show_bug.cgi?id=1231453 * https://bugzilla.suse.com/show_bug.cgi?id=1231854 * https://bugzilla.suse.com/show_bug.cgi?id=1231877 * https://bugzilla.suse.com/show_bug.cgi?id=1231909 * https://bugzilla.suse.com/show_bug.cgi?id=1232045 * https://bugzilla.suse.com/show_bug.cgi?id=1232048 * https://bugzilla.suse.com/show_bug.cgi?id=1232166 * https://bugzilla.suse.com/show_bug.cgi?id=1232224 * https://bugzilla.suse.com/show_bug.cgi?id=1233038 * https://bugzilla.suse.com/show_bug.cgi?id=1233050 * https://bugzilla.suse.com/show_bug.cgi?id=1233055 * https://bugzilla.suse.com/show_bug.cgi?id=1233096 * https://bugzilla.suse.com/show_bug.cgi?id=1233112 * https://bugzilla.suse.com/show_bug.cgi?id=1233200 * https://bugzilla.suse.com/show_bug.cgi?id=1233204 * https://bugzilla.suse.com/show_bug.cgi?id=1233239 * https://bugzilla.suse.com/show_bug.cgi?id=1233467 * https://bugzilla.suse.com/show_bug.cgi?id=1233469 * https://bugzilla.suse.com/show_bug.cgi?id=1233476 * https://bugzilla.suse.com/show_bug.cgi?id=1233488 * 
https://bugzilla.suse.com/show_bug.cgi?id=1233551 * https://bugzilla.suse.com/show_bug.cgi?id=1233769 * https://bugzilla.suse.com/show_bug.cgi?id=1233977 * https://bugzilla.suse.com/show_bug.cgi?id=1234087 * https://bugzilla.suse.com/show_bug.cgi?id=1234161 * https://bugzilla.suse.com/show_bug.cgi?id=1234240 * https://bugzilla.suse.com/show_bug.cgi?id=1234241 * https://bugzilla.suse.com/show_bug.cgi?id=1234242 * https://bugzilla.suse.com/show_bug.cgi?id=1234243 * https://bugzilla.suse.com/show_bug.cgi?id=1234281 * https://bugzilla.suse.com/show_bug.cgi?id=1234381 * https://bugzilla.suse.com/show_bug.cgi?id=1234437 * https://bugzilla.suse.com/show_bug.cgi?id=1234690 * https://bugzilla.suse.com/show_bug.cgi?id=1234827 * https://bugzilla.suse.com/show_bug.cgi?id=1234834 * https://bugzilla.suse.com/show_bug.cgi?id=1234846 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234898 * https://bugzilla.suse.com/show_bug.cgi?id=1234921 * https://bugzilla.suse.com/show_bug.cgi?id=1234922 * https://bugzilla.suse.com/show_bug.cgi?id=1234923 * https://bugzilla.suse.com/show_bug.cgi?id=1234971 * https://bugzilla.suse.com/show_bug.cgi?id=1235004 * https://bugzilla.suse.com/show_bug.cgi?id=1235009 * https://bugzilla.suse.com/show_bug.cgi?id=1235031 * https://bugzilla.suse.com/show_bug.cgi?id=1235035 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235056 * https://bugzilla.suse.com/show_bug.cgi?id=1235057 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235075 * https://bugzilla.suse.com/show_bug.cgi?id=1235125 * https://bugzilla.suse.com/show_bug.cgi?id=1235138 * https://bugzilla.suse.com/show_bug.cgi?id=1235249 * https://bugzilla.suse.com/show_bug.cgi?id=1235415 * https://bugzilla.suse.com/show_bug.cgi?id=1235416 * 
https://bugzilla.suse.com/show_bug.cgi?id=1235417
* https://bugzilla.suse.com/show_bug.cgi?id=1235427
* https://bugzilla.suse.com/show_bug.cgi?id=1235433
* https://bugzilla.suse.com/show_bug.cgi?id=1235480
* https://bugzilla.suse.com/show_bug.cgi?id=1235577
* https://bugzilla.suse.com/show_bug.cgi?id=1235584
* https://bugzilla.suse.com/show_bug.cgi?id=1235708
* https://bugzilla.suse.com/show_bug.cgi?id=1235759
* https://bugzilla.suse.com/show_bug.cgi?id=1235814
* https://bugzilla.suse.com/show_bug.cgi?id=1235888
* https://bugzilla.suse.com/show_bug.cgi?id=1235918
* https://bugzilla.suse.com/show_bug.cgi?id=1235920
* https://bugzilla.suse.com/show_bug.cgi?id=1235952
* https://bugzilla.suse.com/show_bug.cgi?id=1235964

From null at suse.de Fri Jan 24 20:31:18 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 24 Jan 2025 20:31:18 -0000
Subject: SUSE-SU-2025:0237-1: important: Security update for nodejs20
Message-ID: <173775067855.30301.2335519206195076755@smelt2.prg2.suse.org>

# Security update for nodejs20

Announcement ID: SUSE-SU-2025:0237-1
Release Date: 2025-01-24T19:33:47Z
Rating: important

References:

* bsc#1236250
* bsc#1236251
* bsc#1236258

Cross-References:

* CVE-2025-22150
* CVE-2025-23083
* CVE-2025-23085

CVSS scores:

* CVE-2025-22150 ( SUSE ): 7.4 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-22150 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-22150 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-23083 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-23083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-23083 ( NVD ): 7.7 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-23085 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-23085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* Web and Scripting Module 15-SP6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for nodejs20 fixes the following issues:

Update to 20.18.2:

* CVE-2025-23083: Fixed worker permission bypass via InternalWorker leak in diagnostics (bsc#1236251)
* CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERR_PROTO (bsc#1236250)
* CVE-2025-22150: Fixed insufficiently random values used when defining the boundary for a multipart/form-data request in undici (bsc#1236258)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-237=1 SUSE-2025-237=1
* Web and Scripting Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-237=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * npm20-20.18.2-150600.3.9.1
  * nodejs20-debugsource-20.18.2-150600.3.9.1
  * corepack20-20.18.2-150600.3.9.1
  * nodejs20-devel-20.18.2-150600.3.9.1
  * nodejs20-20.18.2-150600.3.9.1
  * nodejs20-debuginfo-20.18.2-150600.3.9.1
* openSUSE Leap 15.6 (noarch)
  * nodejs20-docs-20.18.2-150600.3.9.1
* Web and Scripting Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * npm20-20.18.2-150600.3.9.1
  * nodejs20-debugsource-20.18.2-150600.3.9.1
  * nodejs20-devel-20.18.2-150600.3.9.1
  * nodejs20-20.18.2-150600.3.9.1
  * nodejs20-debuginfo-20.18.2-150600.3.9.1
* Web and Scripting Module 15-SP6 (noarch)
  * nodejs20-docs-20.18.2-150600.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2025-22150.html
* https://www.suse.com/security/cve/CVE-2025-23083.html
* https://www.suse.com/security/cve/CVE-2025-23085.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236250
* https://bugzilla.suse.com/show_bug.cgi?id=1236251
* https://bugzilla.suse.com/show_bug.cgi?id=1236258

From null at suse.de Fri Jan 24 20:31:21 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 24 Jan 2025 20:31:21 -0000
Subject: SUSE-SU-2025:0235-1: moderate: Security update for java-11-openjdk
Message-ID: <173775068154.30301.5000820304334002844@smelt2.prg2.suse.org>

# Security update for java-11-openjdk

Announcement ID: SUSE-SU-2025:0235-1
Release Date: 2025-01-24T16:34:34Z
Rating: moderate

References:

* bsc#1236278

Cross-References:

* CVE-2025-21502

CVSS scores:

* CVE-2025-21502 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-21502 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-21502 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for java-11-openjdk fixes the following issues:

Upgrade to upstream tag jdk-11.0.26+4 (January 2025 CPU)

Security fixes:

* CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278)

Other changes:

* JDK-8224624: Inefficiencies in CodeStrings::add_comment cause timeouts
* JDK-8225045: javax/swing/JInternalFrame/8146321//JInternalFrameIconTest.java fails on linux-x64
* JDK-8232367: Update Reactive Streams to 1.0.3 -- tests only
* JDK-8247706: Unintentional use of new Date(year...) with absolute year
* JDK-8299254: Support dealing with standard assert macro
* JDK-8303920: Avoid calling out to python in DataDescriptorSignatureMissing test
* JDK-8315936: Parallelize gc/stress/TestStressG1Humongous.java test
* JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java java.lang.Exception: Could not find leak
* JDK-8328300: Convert PrintDialogsTest.java from Applet to main program
* JDK-8328642: Convert applet test MouseDraggedOutCauseScrollingTest.html to main
* JDK-8334332: TestIOException.java fails if run by root
* JDK-8335428: Enhanced Building of Processes
* JDK-8335801: [11u] Backport of 8210988 to 11u removes gcc warnings
* JDK-8335912, JDK-8337499: Add an operation mode to the jar command when extracting to not overwriting existing files
* JDK-8336564: Enhance mask blit functionality redux
* JDK-8338402: GHA: some of bundles may not get removed
* JDK-8339082: Bump update version for OpenJDK: jdk-11.0.26
* JDK-8339180: Enhanced Building of Processes: Follow-on Issue
* JDK-8339470: [17u] More defensive fix for 8163921
* JDK-8339637: (tz) Update Timezone Data to 2024b
* JDK-8339644: Improve parsing of Day/Month in tzdata rules
* JDK-8339803: Acknowledge case insensitive unambiguous keywords in tzdata files
* JDK-8340552: Harden TzdbZoneRulesCompiler against missing zone names
* JDK-8340671: GHA: Bump macOS and Xcode versions to macos-12 and XCode 13.4.1
* JDK-8340815: Add SECURITY.md file
* JDK-8342426: [11u] javax/naming/module/RunBasic.java javac compile fails
* JDK-8342629: [11u] Properly message out that shenandoah is disabled
* JDK-8347483: [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.26

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-235=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-235=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * java-11-openjdk-debuginfo-11.0.26.0-3.84.1
  * java-11-openjdk-headless-11.0.26.0-3.84.1
  * java-11-openjdk-11.0.26.0-3.84.1
  * java-11-openjdk-demo-11.0.26.0-3.84.1
  * java-11-openjdk-devel-11.0.26.0-3.84.1
  * java-11-openjdk-debugsource-11.0.26.0-3.84.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * java-11-openjdk-debuginfo-11.0.26.0-3.84.1
  * java-11-openjdk-headless-11.0.26.0-3.84.1
  * java-11-openjdk-11.0.26.0-3.84.1
  * java-11-openjdk-demo-11.0.26.0-3.84.1
  * java-11-openjdk-devel-11.0.26.0-3.84.1
  * java-11-openjdk-debugsource-11.0.26.0-3.84.1

## References:

* https://www.suse.com/security/cve/CVE-2025-21502.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236278

URL: From null at suse.de Fri Jan 24 20:31:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 24 Jan 2025 20:31:25 -0000 Subject: SUSE-SU-2025:0234-1: important: Security update for nodejs18 Message-ID: <173775068518.30301.2798872516170436952@smelt2.prg2.suse.org> # Security update for nodejs18 Announcement ID: SUSE-SU-2025:0234-1 Release Date: 2025-01-24T16:34:23Z Rating: important References: * bsc#1236250 * bsc#1236258 Cross-References: * CVE-2025-22150 * CVE-2025-23085 CVSS scores: * CVE-2025-22150 ( SUSE ): 7.4 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-22150 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-22150 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-23085 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-23085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for nodejs18 fixes the following issues: Update to 18.20.6: * CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERR_PROTO (bsc#1236250) * CVE-2025-22150: Fixed insufficiently random values used when defining the boundary for a multipart/form-data request in undici (bsc#1236258) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-234=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-234=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * nodejs18-debugsource-18.20.6-8.33.1
  * nodejs18-debuginfo-18.20.6-8.33.1
  * nodejs18-18.20.6-8.33.1
  * npm18-18.20.6-8.33.1
  * nodejs18-devel-18.20.6-8.33.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
  * nodejs18-docs-18.20.6-8.33.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * nodejs18-debugsource-18.20.6-8.33.1
  * nodejs18-debuginfo-18.20.6-8.33.1
  * nodejs18-18.20.6-8.33.1
  * npm18-18.20.6-8.33.1
  * nodejs18-devel-18.20.6-8.33.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
  * nodejs18-docs-18.20.6-8.33.1

## References:

* https://www.suse.com/security/cve/CVE-2025-22150.html
* https://www.suse.com/security/cve/CVE-2025-23085.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236250
* https://bugzilla.suse.com/show_bug.cgi?id=1236258

URL: From null at suse.de Fri Jan 24 20:31:27 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 24 Jan 2025 20:31:27 -0000 Subject: SUSE-SU-2025:0233-1: important: Security update for nodejs18 Message-ID: <173775068796.30301.1389192079768164940@smelt2.prg2.suse.org> # Security update for nodejs18 Announcement ID: SUSE-SU-2025:0233-1 Release Date: 2025-01-24T16:05:13Z Rating: important References: * bsc#1236250 * bsc#1236258 Cross-References: * CVE-2025-22150 * CVE-2025-23085 CVSS scores: * CVE-2025-22150 ( SUSE ): 7.4 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-22150 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-22150 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-23085 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-23085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. 
## Description: This update for nodejs18 fixes the following issues: Update to 18.20.6: * CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERR_PROTO (bsc#1236250) * CVE-2025-22150: Fixed insufficiently random values used when defining the boundary for a multipart/form-data request in undici (bsc#1236258) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-233=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-233=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-233=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-233=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-233=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-233=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-233=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-233=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-233=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-233=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * corepack18-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * openSUSE Leap 15.4 (noarch) * 
nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * 
nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Manager Server 4.3 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22150.html * https://www.suse.com/security/cve/CVE-2025-23085.html * https://bugzilla.suse.com/show_bug.cgi?id=1236250 * https://bugzilla.suse.com/show_bug.cgi?id=1236258 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jan 27 08:30:10 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 08:30:10 -0000 Subject: SUSE-SU-2025:0241-1: important: Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Message-ID: <173796661081.6385.18039228897371812835@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0241-1 Release Date: 2025-01-26T05:03:57Z Rating: important References: * bsc#1226324 * bsc#1229275 Cross-References: * CVE-2024-36971 * CVE-2024-41057 CVSS scores: * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_44 fixes several issues. The following security issues were fixed: * CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275). * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2025-241=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-241=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_44-default-15-150500.2.1
  * kernel-livepatch-SLE15-SP5_Update_9-debugsource-15-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-15-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_44-default-15-150500.2.1
  * kernel-livepatch-SLE15-SP5_Update_9-debugsource-15-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-15-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2024-36971.html
* https://www.suse.com/security/cve/CVE-2024-41057.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226324
* https://bugzilla.suse.com/show_bug.cgi?id=1229275

URL: From null at suse.de Mon Jan 27 08:30:34 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 08:30:34 -0000 Subject: SUSE-SU-2025:0240-1: important: Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3) Message-ID: <173796663497.6385.6703268298233847421@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0240-1 Release Date: 2025-01-25T11:33:34Z Rating: important References: * bsc#1210619 * bsc#1220145 * bsc#1220537 * bsc#1221302 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223683 * bsc#1225013 * bsc#1225202 * bsc#1225211 * bsc#1225302 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225733 * bsc#1225819 * bsc#1226324 * bsc#1226325 * bsc#1227471 * bsc#1227651 * bsc#1228573 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-46955 * CVE-2021-47291 * CVE-2021-47378 * CVE-2021-47383 * CVE-2021-47402 * CVE-2021-47598 * CVE-2022-48651 * CVE-2022-48956 * CVE-2023-1829 * CVE-2023-52752 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-27398 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35950 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-36971 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46955 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47291 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47291 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47378 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47402 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47402 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves 26 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_158 fixes several issues. The following security issues were fixed: * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). 
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651). * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301) * CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-240=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-240=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_158-default-debuginfo-11-150300.7.6.1 * kernel-livepatch-SLE15-SP3_Update_43-debugsource-11-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_158-default-11-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo-11-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_158-preempt-11-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_158-default-11-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46955.html * https://www.suse.com/security/cve/CVE-2021-47291.html * https://www.suse.com/security/cve/CVE-2021-47378.html * https://www.suse.com/security/cve/CVE-2021-47383.html * https://www.suse.com/security/cve/CVE-2021-47402.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36904.html * 
https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220537 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225202 * https://bugzilla.suse.com/show_bug.cgi?id=1225211 * https://bugzilla.suse.com/show_bug.cgi?id=1225302 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1227651 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jan 27 08:30:49 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 08:30:49 -0000 Subject: SUSE-SU-2025:0239-1: important: Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3) Message-ID: <173796664917.6385.2676684457465428639@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0239-1 Release Date: 2025-01-25T11:04:01Z Rating: important References: * bsc#1223683 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225733 * bsc#1225819 * bsc#1226324 * bsc#1226325 * bsc#1227471 * bsc#1227651 * bsc#1228573 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47291 * CVE-2021-47598 * CVE-2022-48956 * CVE-2023-52752 * CVE-2024-26923 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35950 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-36971 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47291 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47291 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves 15 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_164 fixes several issues. The following security issues were fixed: * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). 
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651). * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-239=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-239=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_164-default-debuginfo-7-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_164-default-7-150300.7.6.1 * kernel-livepatch-SLE15-SP3_Update_45-debugsource-7-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_164-preempt-7-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo-7-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_164-default-7-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47291.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1227651 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Mon Jan 27 08:31:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 08:31:07 -0000 Subject: SUSE-SU-2025:0238-1: important: Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3) Message-ID: <173796666709.6385.708729413842228641@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0238-1 Release Date: 2025-01-25T10:03:59Z Rating: important References: * bsc#1210619 * bsc#1223363 * bsc#1223683 * bsc#1225013 * bsc#1225202 * bsc#1225211 * bsc#1225302 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225733 * bsc#1225819 * bsc#1226324 * bsc#1226325 * bsc#1227471 * bsc#1227651 * bsc#1228573 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47291 * CVE-2021-47378 * CVE-2021-47383 * CVE-2021-47402 * CVE-2021-47598 * CVE-2022-48956 * CVE-2023-1829 * CVE-2023-52752 * CVE-2024-26828 * CVE-2024-26923 * CVE-2024-27398 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35950 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-36971 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47291 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47291 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47378 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47383 ( SUSE ): 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47402 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47402 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves 21 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_161 fixes several issues. The following security issues were fixed: * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). 
* CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651). * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301) * CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-238=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-238=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_44-debugsource-10-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_161-default-10-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_161-default-debuginfo-10-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_161-preempt-10-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo-10-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_161-default-10-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47291.html * https://www.suse.com/security/cve/CVE-2021-47378.html * https://www.suse.com/security/cve/CVE-2021-47383.html * https://www.suse.com/security/cve/CVE-2021-47402.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * 
https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225202 * https://bugzilla.suse.com/show_bug.cgi?id=1225211 * https://bugzilla.suse.com/show_bug.cgi?id=1225302 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1227651 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Mon Jan 27 12:30:12 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 12:30:12 -0000 Subject: SUSE-SU-2025:0243-1: important: Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3) Message-ID: <173798101208.31423.10926802024568110291@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0243-1 Release Date: 2025-01-27T11:33:48Z Rating: important References: * bsc#1226324 * bsc#1227471 * bsc#1227651 * bsc#1228573 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47291 * CVE-2021-47598 * CVE-2022-48956 * CVE-2024-36971 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47291 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47291 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap
15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves seven vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_167 fixes several issues. The following security issues were fixed: * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651). * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-243=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-243=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_167-default-debuginfo-6-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_167-default-6-150300.7.6.1 * kernel-livepatch-SLE15-SP3_Update_46-debugsource-6-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_167-preempt-6-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_167-preempt-debuginfo-6-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_167-default-6-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47291.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1227651 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Mon Jan 27 12:30:15 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 12:30:15 -0000 Subject: SUSE-SU-2025:0242-1: important: Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Message-ID: <173798101554.31423.8014062513223138166@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0242-1 Release Date: 2025-01-27T11:33:40Z Rating: important References: * bsc#1226324 Cross-References: * CVE-2024-36971 CVSS scores: * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_150 fixes one issue. The following security issue was fixed: * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-242=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-242=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_150-default-debuginfo-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-default-15-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_41-debugsource-15-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_150-preempt-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-preempt-debuginfo-15-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_150-default-15-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36971.html * https://bugzilla.suse.com/show_bug.cgi?id=1226324
From null at suse.de Mon Jan 27 16:30:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 16:30:28 -0000 Subject: SUSE-SU-2025:0264-1: important: Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4) Message-ID: <173799542854.5731.7313887122413298034@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0264-1 Release Date: 2025-01-27T15:03:52Z Rating: important References: * bsc#1223059 * bsc#1223363 * bsc#1223681 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225313 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226324 * bsc#1226325 * bsc#1226327 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229553 * bsc#1231353 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47598 * CVE-2022-48956 * CVE-2023-52752 * CVE-2023-52846 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 *
CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-35950 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-36971 * CVE-2024-40954 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux 
Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 25 vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_119 fixes several issues. The following security issues were fixed: * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). 
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-264=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-264=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-10-150400.9.6.1 * kernel-livepatch-SLE15-SP4_Update_26-debugsource-10-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-10-150400.9.6.1 * kernel-livepatch-SLE15-SP4_Update_26-debugsource-10-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * 
https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1231353 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Mon Jan 27 16:30:34 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 16:30:34 -0000 Subject: SUSE-SU-2025:0263-1: important: Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6) Message-ID: <173799543431.5731.13100564270625936479@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0263-1 Release Date: 2025-01-27T14:33:31Z Rating: important References: * bsc#1226184 * bsc#1226324 * bsc#1227369 * bsc#1227781 * bsc#1227784 * bsc#1229275 Cross-References: * CVE-2024-27029 * CVE-2024-36971 * CVE-2024-36979 * CVE-2024-40920 * CVE-2024-40921 * CVE-2024-41057 CVSS scores: * CVE-2024-27029 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27029 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_21 fixes several issues.

The following security issues were fixed:

* CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784).
* CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781).
* CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1227369).
* CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275).
* CVE-2024-27029: drm/amdgpu: fix mmhub client id out-of-bounds access Properly handle cid 0x140 (bsc#1226184).
* CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-263=1
* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-263=1

## Package List:

* openSUSE Leap 15.6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_21-default-9-150600.4.19.1
  * kernel-livepatch-6_4_0-150600_21-default-debuginfo-9-150600.4.19.1
  * kernel-livepatch-SLE15-SP6_Update_0-debugsource-9-150600.4.19.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_21-default-9-150600.4.19.1
  * kernel-livepatch-6_4_0-150600_21-default-debuginfo-9-150600.4.19.1
  * kernel-livepatch-SLE15-SP6_Update_0-debugsource-9-150600.4.19.1

## References:

* https://www.suse.com/security/cve/CVE-2024-27029.html
* https://www.suse.com/security/cve/CVE-2024-36971.html
* https://www.suse.com/security/cve/CVE-2024-36979.html
* https://www.suse.com/security/cve/CVE-2024-40920.html
* https://www.suse.com/security/cve/CVE-2024-40921.html
* https://www.suse.com/security/cve/CVE-2024-41057.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226184
* https://bugzilla.suse.com/show_bug.cgi?id=1226324
* https://bugzilla.suse.com/show_bug.cgi?id=1227369
* https://bugzilla.suse.com/show_bug.cgi?id=1227781
* https://bugzilla.suse.com/show_bug.cgi?id=1227784
* https://bugzilla.suse.com/show_bug.cgi?id=1229275

From null at suse.de Mon Jan 27 16:30:45 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 27 Jan 2025 16:30:45 -0000
Subject: SUSE-SU-2025:0262-1: important: Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)
Message-ID: <173799544525.5731.10721526250967546282@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0262-1
Release Date: 2025-01-27T14:04:01Z
Rating: important

References:

* bsc#1225819
* bsc#1227369
* bsc#1227781
* bsc#1227784
* bsc#1228349
* bsc#1228786
* bsc#1229273
* bsc#1229275
* bsc#1229553
* bsc#1231419
* bsc#1233712

Cross-References:

* CVE-2023-52752
* CVE-2024-35949
* CVE-2024-36979
* CVE-2024-40909
* CVE-2024-40920
* CVE-2024-40921
* CVE-2024-40954
* CVE-2024-41057
* CVE-2024-42133
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36979 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42133 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42133 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves 11 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_14 fixes several issues.

The following security issues were fixed:

* CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784).
* CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781).
* CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1227369).
* CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275).
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG (bsc#1231419).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
* CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-262=1
* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-262=1

## Package List:

* openSUSE Leap 15.6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-7-150600.13.6.1
  * kernel-livepatch-6_4_0-150600_23_14-default-7-150600.13.6.1
  * kernel-livepatch-SLE15-SP6_Update_2-debugsource-7-150600.13.6.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-7-150600.13.6.1
  * kernel-livepatch-6_4_0-150600_23_14-default-7-150600.13.6.1
  * kernel-livepatch-SLE15-SP6_Update_2-debugsource-7-150600.13.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-36979.html
* https://www.suse.com/security/cve/CVE-2024-40909.html
* https://www.suse.com/security/cve/CVE-2024-40920.html
* https://www.suse.com/security/cve/CVE-2024-40921.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41057.html
* https://www.suse.com/security/cve/CVE-2024-42133.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1227369
* https://bugzilla.suse.com/show_bug.cgi?id=1227781
* https://bugzilla.suse.com/show_bug.cgi?id=1227784
* https://bugzilla.suse.com/show_bug.cgi?id=1228349
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229275
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1231419
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Mon Jan 27 16:31:15 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 27 Jan 2025 16:31:15 -0000
Subject: SUSE-SU-2025:0261-1: important: Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4)
Message-ID: <173799547507.5731.4090108283424351841@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4)

Announcement ID: SUSE-SU-2025:0261-1
Release Date: 2025-01-27T14:03:51Z
Rating: important

References:

* bsc#1219296
* bsc#1220145
* bsc#1220211
* bsc#1220828
* bsc#1220832
* bsc#1221302
* bsc#1222685
* bsc#1222882
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223521
* bsc#1223681
* bsc#1223683
* bsc#1225011
* bsc#1225012
* bsc#1225013
* bsc#1225099
* bsc#1225309
* bsc#1225310
* bsc#1225311
* bsc#1225312
* bsc#1225313
* bsc#1225733
* bsc#1225739
* bsc#1225819
* bsc#1226324
* bsc#1226325
* bsc#1227471
* bsc#1228573
* bsc#1228786
* bsc#1229553
* bsc#1231353
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2021-47598
* CVE-2022-48651
* CVE-2022-48662
* CVE-2022-48956
* CVE-2023-52340
* CVE-2023-52502
* CVE-2023-52752
* CVE-2023-52846
* CVE-2023-6546
* CVE-2024-23307
* CVE-2024-26585
* CVE-2024-26610
* CVE-2024-26622
* CVE-2024-26766
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930
* CVE-2024-27398
* CVE-2024-35817
* CVE-2024-35861
* CVE-2024-35862
* CVE-2024-35863
* CVE-2024-35864
* CVE-2024-35867
* CVE-2024-35950
* CVE-2024-36899
* CVE-2024-36904
* CVE-2024-36964
* CVE-2024-36971
* CVE-2024-40954
* CVE-2024-41059
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2021-47598 ( SUSE ):
7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52340 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52502 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26622 ( NVD ): 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36971 ( SUSE ): 7.0
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves 34 vulnerabilities and has one security fix can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_108 fixes several issues.

The following security issues were fixed:

* CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
* CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).
* CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521).
* CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
* CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832).
* CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220211).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).
* CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828).
* CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219296).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-261=1
* SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-261=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-13-150400.9.8.1
  * kernel-livepatch-SLE15-SP4_Update_23-debugsource-13-150400.9.8.1
  * kernel-livepatch-5_14_21-150400_24_108-default-13-150400.9.8.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-13-150400.9.8.1
  * kernel-livepatch-SLE15-SP4_Update_23-debugsource-13-150400.9.8.1
  * kernel-livepatch-5_14_21-150400_24_108-default-13-150400.9.8.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48662.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2023-52340.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26585.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26622.html
* https://www.suse.com/security/cve/CVE-2024-26766.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35817.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35863.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35867.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36904.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-36971.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219296
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1220211
* https://bugzilla.suse.com/show_bug.cgi?id=1220828
* https://bugzilla.suse.com/show_bug.cgi?id=1220832
* https://bugzilla.suse.com/show_bug.cgi?id=1221302
* https://bugzilla.suse.com/show_bug.cgi?id=1222685
* https://bugzilla.suse.com/show_bug.cgi?id=1222882
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223521
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225011
* https://bugzilla.suse.com/show_bug.cgi?id=1225012
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225309
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1225311
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225313
* https://bugzilla.suse.com/show_bug.cgi?id=1225733
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1226324
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1227471
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1231353
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Mon Jan 27 16:31:29 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 27 Jan 2025 16:31:29 -0000
Subject: SUSE-SU-2025:0260-1: important: Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)
Message-ID: <173799548958.5731.3868606661619002381@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0260-1
Release Date: 2025-01-27T14:03:39Z
Rating: important

References:

* bsc#1223683
* bsc#1225099
* bsc#1225429
* bsc#1225733
* bsc#1225739
* bsc#1225819
* bsc#1226324
* bsc#1227471
* bsc#1228349
* bsc#1228573
* bsc#1228786
* bsc#1229273
* bsc#1229275
* bsc#1229553
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2021-47517
* CVE-2021-47598
* CVE-2022-48956
* CVE-2023-52752
* CVE-2023-52846
* CVE-2024-26923
* CVE-2024-35949
* CVE-2024-36899
* CVE-2024-36904
* CVE-2024-36971
* CVE-2024-40909
* CVE-2024-40954
* CVE-2024-41057
* CVE-2024-41059
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 16 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_68 fixes several issues.
The following security issues were fixed:

* CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275).
* CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool (bsc#1225429).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2025-260=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-260=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_68-default-8-150500.11.6.1
  * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-8-150500.11.6.1
  * kernel-livepatch-SLE15-SP5_Update_15-debugsource-8-150500.11.6.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_68-default-8-150500.11.6.1
  * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-8-150500.11.6.1
  * kernel-livepatch-SLE15-SP5_Update_15-debugsource-8-150500.11.6.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47517.html
* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36904.html
* https://www.suse.com/security/cve/CVE-2024-36971.html
* https://www.suse.com/security/cve/CVE-2024-40909.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41057.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225429
* https://bugzilla.suse.com/show_bug.cgi?id=1225733
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1226324
* https://bugzilla.suse.com/show_bug.cgi?id=1227471
* https://bugzilla.suse.com/show_bug.cgi?id=1228349
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229275
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Mon Jan 27 16:31:40 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 27 Jan 2025 16:31:40 -0000
Subject: SUSE-SU-2025:0255-1: important: Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)
Message-ID: <173799550021.5731.16448862379089065281@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0255-1
Release Date: 2025-01-27T13:04:20Z
Rating: important

References:

* bsc#1225733
* bsc#1225739
* bsc#1225819
* bsc#1226324
* bsc#1227369
* bsc#1227781
* bsc#1227784
* bsc#1228786
* bsc#1229273
* bsc#1229275
* bsc#1229553
* bsc#1231419
* bsc#1233712

Cross-References:

* CVE-2023-52752
* CVE-2024-35949
* CVE-2024-36899
* CVE-2024-36904
* CVE-2024-36971
* CVE-2024-36979
* CVE-2024-40920
* CVE-2024-40921
* CVE-2024-40954
* CVE-2024-41057
* CVE-2024-42133
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36971 ( SUSE ): 7.0
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42133 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42133 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 13 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_7 fixes several issues. The following security issues were fixed: * CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784). 
* CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781). * CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1227369). * CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275). * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG (bsc#1231419). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-255=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-255=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_1-debugsource-7-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_7-default-7-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-7-150600.13.6.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_1-debugsource-7-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_7-default-7-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-7-150600.13.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-36979.html * https://www.suse.com/security/cve/CVE-2024-40920.html * https://www.suse.com/security/cve/CVE-2024-40921.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41057.html * https://www.suse.com/security/cve/CVE-2024-42133.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1227369 * https://bugzilla.suse.com/show_bug.cgi?id=1227781 * https://bugzilla.suse.com/show_bug.cgi?id=1227784 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * 
https://bugzilla.suse.com/show_bug.cgi?id=1229275 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1231419 * https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Mon Jan 27 16:32:00 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 16:32:00 -0000 Subject: SUSE-SU-2025:0254-1: important: Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5) Message-ID: <173799552094.5731.15981535658277654141@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0254-1 Release Date: 2025-01-27T13:33:32Z Rating: important References: * bsc#1223363 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225311 * bsc#1225312 * bsc#1225429 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226324 * bsc#1226325 * bsc#1226327 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229273 * bsc#1229275 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47517 * CVE-2021-47598 * CVE-2022-48956 * CVE-2023-52752 * CVE-2023-52846 * CVE-2024-26828 * CVE-2024-26923 * CVE-2024-27398 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-35949 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-36971 * CVE-2024-40954 * CVE-2024-41057 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 24 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_65 fixes several issues. The following security issues were fixed: * CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275). * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool (bsc#1225429). 
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-259=1 SUSE-2025-254=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-259=1 SUSE-SLE-Module-Live-Patching-15-SP5-2025-254=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_62-default-9-150500.11.6.1 * kernel-livepatch-SLE15-SP5_Update_14-debugsource-9-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-9-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_65-default-9-150500.11.6.1 * kernel-livepatch-SLE15-SP5_Update_13-debugsource-9-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-9-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_62-default-9-150500.11.6.1 * kernel-livepatch-SLE15-SP5_Update_14-debugsource-9-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-9-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_65-default-9-150500.11.6.1 * kernel-livepatch-SLE15-SP5_Update_13-debugsource-9-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-9-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47517.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * 
https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41057.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225429 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * https://bugzilla.suse.com/show_bug.cgi?id=1229275 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Mon Jan 27 16:32:27 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 16:32:27 -0000 Subject: SUSE-SU-2025:0253-1: important: Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5) Message-ID: <173799554715.5731.11253603512021280059@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0253-1 Release Date: 2025-01-27T13:04:03Z Rating: important References: * bsc#1221302 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225429 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226324 * bsc#1226325 * bsc#1226327 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229273 * bsc#1229275 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47517 * CVE-2021-47598 * CVE-2022-48651 * CVE-2022-48662 * CVE-2022-48956 * CVE-2023-52752 * CVE-2023-52846 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-27398 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-35949 * CVE-2024-35950 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-36971 * CVE-2024-40954 * CVE-2024-41057 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 29 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_59 fixes several issues. 
The following security issues were fixed: * CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275). * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool (bsc#1225429). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). 
* CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-253=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-253=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-11-150500.11.10.1 * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-11-150500.11.10.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-11-150500.11.10.1 * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-11-150500.11.10.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47517.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52752.html * 
https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41057.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225429 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * https://bugzilla.suse.com/show_bug.cgi?id=1229275 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Mon Jan 27 16:32:56 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 16:32:56 -0000 Subject: SUSE-SU-2025:0252-1: important: Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5) Message-ID: <173799557691.5731.6698136174086962192@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0252-1 Release Date: 2025-01-27T13:03:54Z Rating: important References: * bsc#1220145 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223681 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225313 * bsc#1225429 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226324 * bsc#1226325 * bsc#1226327 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229273 * bsc#1229275 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47517 * CVE-2021-47598 * CVE-2022-48651 * CVE-2022-48662 * CVE-2022-48956 * CVE-2023-52502 * 
CVE-2023-52752 * CVE-2023-52846 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-35949 * CVE-2024-35950 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-36971 * CVE-2024-40954 * CVE-2024-41057 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 34 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_52 fixes several issues. The following security issues were fixed: * CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275). 
* CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool (bsc#1225429). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-252=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-252=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_11-debugsource-11-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-11-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_11-debugsource-11-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-11-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47517.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * 
https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41057.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 * https://bugzilla.suse.com/show_bug.cgi?id=1225429 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * https://bugzilla.suse.com/show_bug.cgi?id=1229275 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 From null at suse.de Mon Jan 27 16:33:27 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 16:33:27 -0000 Subject: SUSE-SU-2025:0251-1: important: Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4) Message-ID: <173799560708.5731.10255816304142161511@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0251-1 Release Date: 2025-01-27T13:03:46Z Rating: important References: * bsc#1220145 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223681 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225313 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226324 * bsc#1226325 * bsc#1226327 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229553 * bsc#1231353 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47598 * CVE-2022-48651 * CVE-2022-48662 * CVE-2022-48956 * CVE-2023-52502 * CVE-2023-52752 * CVE-2023-52846 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26766 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-35950 * CVE-2024-36899 *
CVE-2024-36904 * CVE-2024-36964 * CVE-2024-36971 * CVE-2024-40954 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 32 vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_111 fixes several issues. The following security issues were fixed: * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). 
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). 
* CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-251=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-251=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-11-150400.9.6.1 * kernel-livepatch-SLE15-SP4_Update_24-debugsource-11-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_111-default-11-150400.9.6.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-11-150400.9.6.1 * kernel-livepatch-SLE15-SP4_Update_24-debugsource-11-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_111-default-11-150400.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26828.html * 
https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1231353 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 From null at suse.de Mon Jan 27 16:33:44 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 16:33:44 -0000 Subject: SUSE-SU-2025:0249-1: important: Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4) Message-ID: <173799562460.5731.1101981086399911094@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0249-1 Release Date: 2025-01-27T12:04:29Z Rating: important References: * bsc#1223683 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226324 * bsc#1226325 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229553 * bsc#1231353 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47598 * CVE-2022-48956 * CVE-2023-52752 * CVE-2023-52846 * CVE-2024-26923 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35950 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-36971 * CVE-2024-40954 * CVE-2024-41059 * CVE-2024-43861 *
CVE-2024-50264 CVSS scores: * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 17 vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_122 fixes several issues. The following security issues were fixed: * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). 
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-249=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-249=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_27-debugsource-8-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_122-default-8-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-8-150400.9.6.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_27-debugsource-8-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_122-default-8-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-8-150400.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * 
https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36904.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-36971.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225309
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1225311
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225733
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1226324
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1227471
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1231353
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Mon Jan 27 16:34:12 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 27 Jan 2025 16:34:12 -0000
Subject: SUSE-SU-2025:0248-1: important: Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)
Message-ID: <173799565296.5731.1071436494194159706@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)

Announcement ID: SUSE-SU-2025:0248-1
Release Date: 2025-01-27T12:04:21Z
Rating: important
References:

* bsc#1220145
* bsc#1221302
* bsc#1222882
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223521
* bsc#1223681
* bsc#1223683
* bsc#1225011
* bsc#1225012
* bsc#1225013
* bsc#1225099
* bsc#1225309
* bsc#1225310
* bsc#1225311
* bsc#1225312
* bsc#1225313
* bsc#1225733
* bsc#1225739
* bsc#1225819
* bsc#1226324
* bsc#1226325
* bsc#1226327
* bsc#1227471
* bsc#1228573
* bsc#1228786
* bsc#1229553
* bsc#1231353
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2021-47598
* CVE-2022-48651
* CVE-2022-48662
* CVE-2022-48956
* CVE-2023-52752
* CVE-2023-52846
* CVE-2024-23307
* CVE-2024-26610
* CVE-2024-26766
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930
* CVE-2024-27398
* CVE-2024-35817
* CVE-2024-35861
* CVE-2024-35862
* CVE-2024-35863
* CVE-2024-35864
* CVE-2024-35867
* CVE-2024-35905
* CVE-2024-35950
* CVE-2024-36899
* CVE-2024-36904
* CVE-2024-36964
* CVE-2024-36971
* CVE-2024-40954
* CVE-2024-41059
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
*
CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 
An update that solves 30 vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_116 fixes several issues. The following security issues were fixed: * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). 
* CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-248=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-248=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_116-default-11-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-11-150400.9.8.1 * kernel-livepatch-SLE15-SP4_Update_25-debugsource-11-150400.9.8.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_116-default-11-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-11-150400.9.8.1 * kernel-livepatch-SLE15-SP4_Update_25-debugsource-11-150400.9.8.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * 
https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * 
https://bugzilla.suse.com/show_bug.cgi?id=1231353
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Mon Jan 27 16:34:15 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 27 Jan 2025 16:34:15 -0000
Subject: SUSE-SU-2025:0250-1: important: Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4)
Message-ID: <173799565579.5731.6364188314684929546@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4)

Announcement ID: SUSE-SU-2025:0250-1
Release Date: 2025-01-27T13:03:37Z
Rating: important
References:

* bsc#1226324

Cross-References:

* CVE-2024-36971

CVSS scores:

* CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_103 fixes one issue.

The following security issue was fixed:

* CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2025-250=1
* SUSE Linux Enterprise Live Patching 15-SP3
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-250=1
* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-247=1
* SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-247=1

## Package List:

* openSUSE Leap 15.3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_147-default-debuginfo-16-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_147-default-16-150300.2.1
  * kernel-livepatch-SLE15-SP3_Update_40-debugsource-16-150300.2.1
* openSUSE Leap 15.3 (x86_64)
  * kernel-livepatch-5_3_18-150300_59_147-preempt-debuginfo-16-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_147-preempt-16-150300.2.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_147-default-16-150300.2.1
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150400_24_103-default-14-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-14-150400.2.1
  * kernel-livepatch-SLE15-SP4_Update_22-debugsource-14-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150400_24_103-default-14-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-14-150400.2.1
  * kernel-livepatch-SLE15-SP4_Update_22-debugsource-14-150400.2.1

## References:

* https://www.suse.com/security/cve/CVE-2024-36971.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226324

From null at suse.de Mon Jan 27 16:34:20 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 27 Jan 2025 16:34:20 -0000
Subject: SUSE-SU-2025:0246-1: important: Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)
Message-ID: <173799566033.5731.12742367971267111092@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0246-1
Release Date: 2025-01-27T12:04:06Z
Rating: important
References:

* bsc#1226324
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2022-48956
* CVE-2024-36971
* CVE-2024-50264

CVSS scores:

* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_174 fixes several issues.

The following security issues were fixed:

* CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2025-246=1
* SUSE Linux Enterprise Live Patching 15-SP3
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-246=1

## Package List:

* openSUSE Leap 15.3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_174-default-debuginfo-3-150300.7.6.1
  * kernel-livepatch-SLE15-SP3_Update_48-debugsource-3-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_174-default-3-150300.7.6.1
* openSUSE Leap 15.3 (x86_64)
  * kernel-livepatch-5_3_18-150300_59_174-preempt-debuginfo-3-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_174-preempt-3-150300.7.6.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_174-default-3-150300.7.6.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-36971.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226324
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Mon Jan 27 16:34:25 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 27 Jan 2025 16:34:25 -0000
Subject: SUSE-SU-2025:0245-1: important: Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)
Message-ID: <173799566500.5731.14956817579284557602@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0245-1
Release Date: 2025-01-27T12:03:58Z
Rating: important
References:

* bsc#1226324
* bsc#1229553
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2022-48956
* CVE-2024-36971
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_170 fixes several issues.

The following security issues were fixed:

* CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2025-245=1
* SUSE Linux Enterprise Live Patching 15-SP3
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-245=1

## Package List:

* openSUSE Leap 15.3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_170-default-4-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-4-150300.7.6.1
  * kernel-livepatch-SLE15-SP3_Update_47-debugsource-4-150300.7.6.1
* openSUSE Leap 15.3 (x86_64)
  * kernel-livepatch-5_3_18-150300_59_170-preempt-4-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo-4-150300.7.6.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_170-default-4-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-4-150300.7.6.1
  * kernel-livepatch-SLE15-SP3_Update_47-debugsource-4-150300.7.6.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-36971.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226324
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712

From null at suse.de Mon Jan 27 16:34:47 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 27 Jan 2025 16:34:47 -0000
Subject: SUSE-SU-2025:0244-1: important: Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)
Message-ID: <173799568704.5731.9294309747789142839@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0244-1
Release Date: 2025-01-27T12:03:50Z
Rating: important
References:

* bsc#1210619
* bsc#1218487
* bsc#1220145
* bsc#1220537
* bsc#1221302
* bsc#1222685
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223683
* bsc#1225013
* bsc#1225202
* bsc#1225211
* bsc#1225302
* bsc#1225309
* bsc#1225310
* bsc#1225311
* bsc#1225312
* bsc#1225733
* bsc#1225819
* bsc#1226324
* bsc#1226325
* bsc#1227471
* bsc#1227651
* bsc#1228573
* bsc#1229553
* bsc#1232637
* bsc#1233712

Cross-References:

* CVE-2021-46955
* CVE-2021-47291
* CVE-2021-47378
* CVE-2021-47383
* CVE-2021-47402
* CVE-2021-47598
* CVE-2022-48651
* CVE-2022-48956
* CVE-2023-1829
* CVE-2023-52752
* CVE-2023-6531
* CVE-2023-6546
* CVE-2024-23307
* CVE-2024-26610
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-27398
* CVE-2024-35861
* CVE-2024-35862
* CVE-2024-35864
* CVE-2024-35950
* CVE-2024-36904
* CVE-2024-36964
* CVE-2024-36971
* CVE-2024-41059
* CVE-2024-43861
* CVE-2024-50264

CVSS scores:

* CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-46955 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47291 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47291 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47378 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47402 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47402 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
*
CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves 28 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_153 fixes several issues. The following security issues were fixed: * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). 
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651). * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301) * CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). 
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-244=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-244=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_153-default-debuginfo-12-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1 * kernel-livepatch-SLE15-SP3_Update_42-debugsource-12-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo-12-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_153-preempt-12-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46955.html * https://www.suse.com/security/cve/CVE-2021-47291.html * https://www.suse.com/security/cve/CVE-2021-47378.html * https://www.suse.com/security/cve/CVE-2021-47383.html * https://www.suse.com/security/cve/CVE-2021-47402.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48651.html * 
https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220537 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225202 * https://bugzilla.suse.com/show_bug.cgi?id=1225211 * https://bugzilla.suse.com/show_bug.cgi?id=1225302 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1227651 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Mon Jan 27 20:30:36 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 20:30:36 -0000 Subject: SUSE-SU-2025:0266-1: important: Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5) Message-ID: <173800983609.5452.7773750002737030026@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0266-1 Release Date: 2025-01-27T17:33:33Z Rating: important References: * bsc#1219296 * bsc#1220145 * bsc#1220211 * bsc#1220828 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223681 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225313 * bsc#1225429 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226324 * bsc#1226325 * bsc#1226327 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229273 * bsc#1229275 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47517 * CVE-2021-47598 * CVE-2022-48651 * CVE-2022-48662 * CVE-2022-48956 * CVE-2023-52340 * CVE-2023-52502 * CVE-2023-52752 * CVE-2023-52846 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26585 * 
CVE-2024-26610 * CVE-2024-26622 * CVE-2024-26766 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-35949 * CVE-2024-35950 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-36971 * CVE-2024-40954 * CVE-2024-41057 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52340 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * 
SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 38 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_49 fixes several issues. The following security issues were fixed: * CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275). * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool (bsc#1225429). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). 
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220211). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219296). 
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-266=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-266=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_10-debugsource-13-150500.11.8.1 * kernel-livepatch-5_14_21-150500_55_49-default-13-150500.11.8.1 * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-13-150500.11.8.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_10-debugsource-13-150500.11.8.1 * kernel-livepatch-5_14_21-150500_55_49-default-13-150500.11.8.1 * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-13-150500.11.8.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47517.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * 
https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41057.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 * https://bugzilla.suse.com/show_bug.cgi?id=1225429 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * https://bugzilla.suse.com/show_bug.cgi?id=1229275 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Mon Jan 27 20:30:44 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 Jan 2025 20:30:44 -0000 Subject: SUSE-SU-2025:0265-1: important: Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) Message-ID: <173800984467.5452.15765578706941275199@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0265-1 Release Date: 2025-01-27T16:33:31Z Rating: important References: * bsc#1225819 * bsc#1227369 * bsc#1227781 * bsc#1227784 * bsc#1228349 * bsc#1228786 * bsc#1229273 * bsc#1229275 * bsc#1229553 * bsc#1233712 Cross-References: * CVE-2023-52752 * CVE-2024-35949 * CVE-2024-36979 * CVE-2024-40909 * CVE-2024-40920 * CVE-2024-40921 * CVE-2024-40954 * CVE-2024-41057 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 
( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_17 fixes several issues. The following security issues were fixed: * CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784). * CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781). * CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1227369). * CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-265=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-265=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_3-debugsource-7-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-7-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_17-default-7-150600.13.6.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_3-debugsource-7-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-7-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_17-default-7-150600.13.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-36979.html * https://www.suse.com/security/cve/CVE-2024-40909.html * https://www.suse.com/security/cve/CVE-2024-40920.html * https://www.suse.com/security/cve/CVE-2024-40921.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41057.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1227369 * https://bugzilla.suse.com/show_bug.cgi?id=1227781 * https://bugzilla.suse.com/show_bug.cgi?id=1227784 * https://bugzilla.suse.com/show_bug.cgi?id=1228349 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * https://bugzilla.suse.com/show_bug.cgi?id=1229275 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Tue Jan 28 12:30:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 28 Jan 2025 12:30:19 -0000 Subject: SUSE-SU-2025:0267-1: important: Security update for podman Message-ID: <173806741960.5452.3719656595966399076@smelt2.prg2.suse.org> # Security update for podman Announcement ID: SUSE-SU-2025:0267-1 Release Date: 2025-01-28T11:25:31Z Rating: important References: * bsc#1214612 * bsc#1215807 * bsc#1215926 * bsc#1217828 * bsc#1221677 * bsc#1231208 * bsc#1231230 * bsc#1231499 * bsc#1231698 * bsc#1236270 Cross-References: * CVE-2024-11218 * CVE-2024-1753 * CVE-2024-9341 * CVE-2024-9407 * CVE-2024-9675 * CVE-2024-9676 CVSS scores: * CVE-2024-11218 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-11218 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-11218 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-1753 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-9341 ( SUSE ): 5.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9341 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9341 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9341 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N * CVE-2024-9407 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9407 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9407 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N * CVE-2024-9675 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2024-9675 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-9675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9676 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-9676 ( SUSE ): 4.7 
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-9676 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-9676 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves six vulnerabilities and has four security fixes can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) (bsc#1231698) * Load ip_tables and ip6_tables kernel module (bsc#1214612) * Required for rootless mode as a regular user has no permission to load kernel modules * CVE-2024-9675: Fixed cache arbitrary directory mount in buildah (bsc#1231499) * CVE-2024-9407: Fixed Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction in buildah (bsc#1231208) * CVE-2024-9341: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230) * CVE-2024-1753: Fixed full container escape at build time in buildah (bsc#1221677) * CVE-2024-11218: Fixed a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. (bsc#1236270) * Refactor network backend dependencies: * podman requires either netavark or cni-plugins. On ALP, require netavark, otherwise prefer netavark but don't force it. 
* This fixes missing cni-plugins in some scenarios * Default to netavark everywhere where it's available ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-267=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-267=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-267=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-267=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-267=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-267=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-267=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-267=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-267=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * podman-4.9.5-150400.4.35.1 * podman-remote-debuginfo-4.9.5-150400.4.35.1 * podman-remote-4.9.5-150400.4.35.1 * podman-debuginfo-4.9.5-150400.4.35.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.35.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * podman-4.9.5-150400.4.35.1 * podman-debuginfo-4.9.5-150400.4.35.1 * podman-remote-4.9.5-150400.4.35.1 * podman-remote-debuginfo-4.9.5-150400.4.35.1 * podmansh-4.9.5-150400.4.35.1 * openSUSE Leap 15.4 (noarch) * podman-docker-4.9.5-150400.4.35.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * podman-4.9.5-150400.4.35.1 * podman-remote-debuginfo-4.9.5-150400.4.35.1 * 
podman-remote-4.9.5-150400.4.35.1 * podman-debuginfo-4.9.5-150400.4.35.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * podman-4.9.5-150400.4.35.1 * podman-remote-debuginfo-4.9.5-150400.4.35.1 * podman-remote-4.9.5-150400.4.35.1 * podman-debuginfo-4.9.5-150400.4.35.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * podman-4.9.5-150400.4.35.1 * podman-remote-debuginfo-4.9.5-150400.4.35.1 * podman-remote-4.9.5-150400.4.35.1 * podman-debuginfo-4.9.5-150400.4.35.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * podman-4.9.5-150400.4.35.1 * podman-remote-debuginfo-4.9.5-150400.4.35.1 * podman-remote-4.9.5-150400.4.35.1 * podman-debuginfo-4.9.5-150400.4.35.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * podman-4.9.5-150400.4.35.1 * podman-remote-debuginfo-4.9.5-150400.4.35.1 * podman-remote-4.9.5-150400.4.35.1 * podman-debuginfo-4.9.5-150400.4.35.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.35.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * podman-4.9.5-150400.4.35.1 * podman-remote-debuginfo-4.9.5-150400.4.35.1 * podman-remote-4.9.5-150400.4.35.1 * podman-debuginfo-4.9.5-150400.4.35.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.35.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * podman-4.9.5-150400.4.35.1 * podman-remote-debuginfo-4.9.5-150400.4.35.1 * podman-remote-4.9.5-150400.4.35.1 * podman-debuginfo-4.9.5-150400.4.35.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * podman-docker-4.9.5-150400.4.35.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11218.html * https://www.suse.com/security/cve/CVE-2024-1753.html * https://www.suse.com/security/cve/CVE-2024-9341.html * https://www.suse.com/security/cve/CVE-2024-9407.html * https://www.suse.com/security/cve/CVE-2024-9675.html * 
https://www.suse.com/security/cve/CVE-2024-9676.html * https://bugzilla.suse.com/show_bug.cgi?id=1214612 * https://bugzilla.suse.com/show_bug.cgi?id=1215807 * https://bugzilla.suse.com/show_bug.cgi?id=1215926 * https://bugzilla.suse.com/show_bug.cgi?id=1217828 * https://bugzilla.suse.com/show_bug.cgi?id=1221677 * https://bugzilla.suse.com/show_bug.cgi?id=1231208 * https://bugzilla.suse.com/show_bug.cgi?id=1231230 * https://bugzilla.suse.com/show_bug.cgi?id=1231499 * https://bugzilla.suse.com/show_bug.cgi?id=1231698 * https://bugzilla.suse.com/show_bug.cgi?id=1236270
From null at suse.de Tue Jan 28 16:30:15 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 28 Jan 2025 16:30:15 -0000 Subject: SUSE-SU-2025:0269-1: important: Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6) Message-ID: <173808181512.5452.17313726607038572846@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0269-1 Release Date: 2025-01-28T13:03:48Z Rating: important References: * bsc#1225819 * bsc#1227369 * bsc#1227781 * bsc#1227784 * bsc#1228349 * bsc#1228786 * bsc#1229273 * bsc#1229275 * bsc#1229553 * bsc#1233712 Cross-References: * CVE-2023-52752 * CVE-2024-35949 * CVE-2024-36979 * CVE-2024-40909 * CVE-2024-40920 * CVE-2024-40921 * CVE-2024-40954 * CVE-2024-41057 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_5 fixes several issues. The following security issues were fixed: * CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784). * CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781). * CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1227369). * CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-269=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo-7-150600.1.8.1 * kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource-7-150600.1.8.1 * kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-36979.html * https://www.suse.com/security/cve/CVE-2024-40909.html * https://www.suse.com/security/cve/CVE-2024-40920.html * https://www.suse.com/security/cve/CVE-2024-40921.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41057.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1227369 * https://bugzilla.suse.com/show_bug.cgi?id=1227781 * https://bugzilla.suse.com/show_bug.cgi?id=1227784 * https://bugzilla.suse.com/show_bug.cgi?id=1228349 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * https://bugzilla.suse.com/show_bug.cgi?id=1229275 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * 
https://bugzilla.suse.com/show_bug.cgi?id=1233712
From null at suse.de Tue Jan 28 16:30:20 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 28 Jan 2025 16:30:20 -0000 Subject: SUSE-SU-2025:0268-1: important: Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) Message-ID: <173808182027.5452.7913240957357105449@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0268-1 Release Date: 2025-01-28T13:03:45Z Rating: important References: * bsc#1226324 * bsc#1227369 * bsc#1227781 * bsc#1227784 * bsc#1229275 Cross-References: * CVE-2024-36971 * CVE-2024-36979 * CVE-2024-40920 * CVE-2024-40921 * CVE-2024-41057 CVSS scores: * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_8 fixes several issues.
The following security issues were fixed: * CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784). * CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781). * CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1227369). * CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275). * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-268=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_8-rt-debuginfo-8-150600.3.1 * kernel-livepatch-SLE15-SP6-RT_Update_0-debugsource-8-150600.3.1 * kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-36979.html * https://www.suse.com/security/cve/CVE-2024-40920.html * https://www.suse.com/security/cve/CVE-2024-40921.html * https://www.suse.com/security/cve/CVE-2024-41057.html * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1227369 * https://bugzilla.suse.com/show_bug.cgi?id=1227781 * https://bugzilla.suse.com/show_bug.cgi?id=1227784 * https://bugzilla.suse.com/show_bug.cgi?id=1229275
From null at suse.de Wed Jan 29 08:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 Jan 2025 08:30:09 -0000 Subject: SUSE-SU-2025:0281-1: important: Security update for go1.22 Message-ID: <173813940937.22572.17989298103969572568@smelt2.prg2.suse.org> # Security update for go1.22 Announcement ID: SUSE-SU-2025:0281-1 Release Date: 2025-01-29T07:35:24Z Rating: important References: * bsc#1218424 * bsc#1236045 * bsc#1236046 Cross-References: * CVE-2024-45336 * CVE-2024-45341 CVSS scores: * CVE-2024-45336 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-45341 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities and has one security fix can now be installed.
## Description: This update for go1.22 fixes the following issues: * Update to go1.22.11 (bsc#1218424) * CVE-2024-45341: Properly check for IPv6 hosts in URIs (bsc#1236045) * CVE-2024-45336: Persist header stripping across repeated redirects (bsc#1236046) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-281=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-281=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-281=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-281=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-281=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-281=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-281=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-281=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-281=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-281=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-281=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-281=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-281=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch 
SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-281=1 ## Package List: * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.22-doc-1.22.11-150000.1.39.1 * go1.22-1.22.11-150000.1.39.1 * go1.22-race-1.22.11-150000.1.39.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.22-doc-1.22.11-150000.1.39.1 * go1.22-1.22.11-150000.1.39.1 * go1.22-race-1.22.11-150000.1.39.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.22-doc-1.22.11-150000.1.39.1 * go1.22-1.22.11-150000.1.39.1 * go1.22-race-1.22.11-150000.1.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.22-doc-1.22.11-150000.1.39.1 * go1.22-1.22.11-150000.1.39.1 * go1.22-race-1.22.11-150000.1.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.22-doc-1.22.11-150000.1.39.1 * go1.22-1.22.11-150000.1.39.1 * go1.22-race-1.22.11-150000.1.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.22-doc-1.22.11-150000.1.39.1 * go1.22-1.22.11-150000.1.39.1 * go1.22-race-1.22.11-150000.1.39.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.22-doc-1.22.11-150000.1.39.1 * go1.22-1.22.11-150000.1.39.1 * go1.22-race-1.22.11-150000.1.39.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.22-doc-1.22.11-150000.1.39.1 * go1.22-1.22.11-150000.1.39.1 * go1.22-race-1.22.11-150000.1.39.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.22-doc-1.22.11-150000.1.39.1 * go1.22-1.22.11-150000.1.39.1 * go1.22-race-1.22.11-150000.1.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.22-doc-1.22.11-150000.1.39.1 * go1.22-1.22.11-150000.1.39.1 * go1.22-race-1.22.11-150000.1.39.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.22-doc-1.22.11-150000.1.39.1 * go1.22-1.22.11-150000.1.39.1 * go1.22-race-1.22.11-150000.1.39.1 * SUSE Linux Enterprise High Performance 
Computing LTSS 15 SP4 (aarch64 x86_64) * go1.22-doc-1.22.11-150000.1.39.1 * go1.22-1.22.11-150000.1.39.1 * go1.22-race-1.22.11-150000.1.39.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.22-doc-1.22.11-150000.1.39.1 * go1.22-1.22.11-150000.1.39.1 * go1.22-race-1.22.11-150000.1.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.22-doc-1.22.11-150000.1.39.1 * go1.22-1.22.11-150000.1.39.1 * go1.22-race-1.22.11-150000.1.39.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45336.html * https://www.suse.com/security/cve/CVE-2024-45341.html * https://bugzilla.suse.com/show_bug.cgi?id=1218424 * https://bugzilla.suse.com/show_bug.cgi?id=1236045 * https://bugzilla.suse.com/show_bug.cgi?id=1236046
From null at suse.de Wed Jan 29 08:30:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 Jan 2025 08:30:14 -0000 Subject: SUSE-SU-2025:0280-1: important: Security update for go1.23 Message-ID: <173813941446.22572.4074363336479612719@smelt2.prg2.suse.org> # Security update for go1.23 Announcement ID: SUSE-SU-2025:0280-1 Release Date: 2025-01-29T07:34:28Z Rating: important References: * bsc#1229122 * bsc#1236045 * bsc#1236046 Cross-References: * CVE-2024-45336 * CVE-2024-45341 CVSS scores: * CVE-2024-45336 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-45341 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise
High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.23 fixes the following issues: * Update to go1.23.5 (bsc#1229122) * CVE-2024-45341: Properly check for IPv6 hosts in URIs (bsc#1236045) * CVE-2024-45336: Persist header stripping across repeated redirects (bsc#1236046) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-280=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-280=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-280=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-280=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-280=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-280=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-280=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-280=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-280=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-280=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-280=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-280=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-280=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-280=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.23-doc-1.23.5-150000.1.18.1 * go1.23-1.23.5-150000.1.18.1 * go1.23-race-1.23.5-150000.1.18.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.23-doc-1.23.5-150000.1.18.1 * go1.23-1.23.5-150000.1.18.1 * go1.23-race-1.23.5-150000.1.18.1 * SUSE Linux Enterprise High 
Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.23-doc-1.23.5-150000.1.18.1 * go1.23-1.23.5-150000.1.18.1 * go1.23-race-1.23.5-150000.1.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.23-doc-1.23.5-150000.1.18.1 * go1.23-1.23.5-150000.1.18.1 * go1.23-race-1.23.5-150000.1.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.23-doc-1.23.5-150000.1.18.1 * go1.23-1.23.5-150000.1.18.1 * go1.23-race-1.23.5-150000.1.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.23-doc-1.23.5-150000.1.18.1 * go1.23-1.23.5-150000.1.18.1 * go1.23-race-1.23.5-150000.1.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.23-doc-1.23.5-150000.1.18.1 * go1.23-1.23.5-150000.1.18.1 * go1.23-race-1.23.5-150000.1.18.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-doc-1.23.5-150000.1.18.1 * go1.23-1.23.5-150000.1.18.1 * go1.23-race-1.23.5-150000.1.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-doc-1.23.5-150000.1.18.1 * go1.23-1.23.5-150000.1.18.1 * go1.23-race-1.23.5-150000.1.18.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-doc-1.23.5-150000.1.18.1 * go1.23-1.23.5-150000.1.18.1 * go1.23-race-1.23.5-150000.1.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.23-doc-1.23.5-150000.1.18.1 * go1.23-1.23.5-150000.1.18.1 * go1.23-race-1.23.5-150000.1.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.23-doc-1.23.5-150000.1.18.1 * go1.23-1.23.5-150000.1.18.1 * go1.23-race-1.23.5-150000.1.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.23-doc-1.23.5-150000.1.18.1 * go1.23-1.23.5-150000.1.18.1 * go1.23-race-1.23.5-150000.1.18.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.23-doc-1.23.5-150000.1.18.1 * 
go1.23-1.23.5-150000.1.18.1 * go1.23-race-1.23.5-150000.1.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45336.html * https://www.suse.com/security/cve/CVE-2024-45341.html * https://bugzilla.suse.com/show_bug.cgi?id=1229122 * https://bugzilla.suse.com/show_bug.cgi?id=1236045 * https://bugzilla.suse.com/show_bug.cgi?id=1236046
From null at suse.de Wed Jan 29 08:30:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 Jan 2025 08:30:17 -0000 Subject: SUSE-SU-2025:0279-1: moderate: Security update for java-21-openjdk Message-ID: <173813941710.22572.9013847139729608845@smelt2.prg2.suse.org> # Security update for java-21-openjdk Announcement ID: SUSE-SU-2025:0279-1 Release Date: 2025-01-28T23:47:05Z Rating: moderate References: * bsc#1236278 Cross-References: * CVE-2025-21502 CVSS scores: * CVE-2025-21502 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-21502 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-21502 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed.
## Description: This update for java-21-openjdk fixes the following issues: Upgrade to upstream tag jdk-21.0.6+7 (January 2025 CPU) Security fixes: * CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278) Other changes: * JDK-6942632: Hotspot should be able to use more than 64 logical processors on Windows * JDK-8028127: Regtest java/security/Security/SynchronizedAccess.java is incorrect * JDK-8195675: Call to insertText with single character from custom Input Method ignored * JDK-8207908: JMXStatusTest.java fails assertion intermittently * JDK-8225220: When the Tab Policy is checked,the scroll button direction displayed incorrectly. * JDK-8240343: JDI stopListening/stoplis001 "FAILED: listening is successfully stopped without starting listening" * JDK-8283214: [macos] Screen magnifier does not show the magnified text for JComboBox * JDK-8296787: Unify debug printing format of X.509 cert serial numbers * JDK-8296972: [macos13] java/awt/Frame/MaximizedToIconified/MaximizedToIconified.java: getExtendedState() != 6 as expected. 
* JDK-8306446: java/lang/management/ThreadMXBean/Locks.java transient failures * JDK-8308429: jvmti/StopThread/stopthrd007 failed with "NoClassDefFoundError: Could not initialize class jdk.internal.misc.VirtualThreads" * JDK-8309218: java/util/concurrent/locks/Lock/OOMEInAQS.java still times out with ZGC, Generational ZGC, and SerialGC * JDK-8311301: MethodExitTest may fail with stack buffer overrun * JDK-8311656: Shenandoah: Unused ShenandoahSATBAndRemarkThreadsClosure::_claim_token * JDK-8312518: [macos13] setFullScreenWindow() shows black screen on macOS 13 & above * JDK-8313374: --enable-ccache's CCACHE_BASEDIR breaks builds * JDK-8313878: Exclude two compiler/rtm/locking tests on ppc64le * JDK-8315701: [macos] Regression: KeyEvent has different keycode on different keyboard layouts * JDK-8316428: G1: Nmethod count statistics only count last code root set iterated * JDK-8316893: Compile without -fno-delete-null-pointer-checks * JDK-8316895: SeenThread::print_action_queue called on a null pointer * JDK-8316907: Fix nonnull-compare warnings * JDK-8317116: Provide layouts for multiple test UI in PassFailJFrame * JDK-8317575: AArch64: C2_MacroAssembler::fast_lock uses rscratch1 for cmpxchg result * JDK-8318105: [jmh] the test java.security.HSS failed with 2 active threads * JDK-8318442: java/net/httpclient/ManyRequests2.java fails intermittently on Linux * JDK-8319640: ClassicFormat::parseObject (from DateTimeFormatter) does not conform to the javadoc and may leak DateTimeException * JDK-8319673: Few security tests ignore VM flags * JDK-8319678: Several tests from corelibs areas ignore VM flags * JDK-8319960: RISC-V: compiler/intrinsics/TestInteger/LongUnsignedDivMod.java failed with "counts: Graph contains wrong number of nodes" * JDK-8319970: AArch64: enable tests compiler/intrinsics/Test(Long|Integer)UnsignedDivMod.java on aarch64 * JDK-8319973: AArch64: Save and restore FPCR in the call stub * JDK-8320192: SHAKE256 does not work correctly if n >= 137 * 
JDK-8320397: RISC-V: Avoid passing t0 as temp register to MacroAssembler:: cmpxchg_obj_header/cmpxchgptr
* JDK-8320575: generic type information lost on mandated parameters of record's compact constructors
* JDK-8320586: update manual test/jdk/TEST.groups
* JDK-8320665: update jdk_core at open/test/jdk/TEST.groups
* JDK-8320673: PageFormat/CustomPaper.java has no Pass/Fail buttons; multiple instructions
* JDK-8320682: [AArch64] C1 compilation fails with "Field too big for insn"
* JDK-8320892: AArch64: Restore FPU control state after JNI
* JDK-8321299: runtime/logging/ClassLoadUnloadTest.java doesn't reliably trigger class unloading
* JDK-8321470: ThreadLocal.nextHashCode can be static final
* JDK-8321474: TestAutoCreateSharedArchiveUpgrade.java should be updated with JDK 21
* JDK-8321543: Update NSS to version 3.96
* JDK-8321550: Update several runtime/cds tests to use vm flags or mark as flagless
* JDK-8321616: Retire binary test vectors in test/jdk/java/util/zip/ZipFile
* JDK-8321940: Improve CDSHeapVerifier in handling of interned strings
* JDK-8322166: Files.isReadable/isWritable/isExecutable expensive when file does not exist
* JDK-8322754: click JComboBox when dialog about to close causes IllegalComponentStateException
* JDK-8322809: SystemModulesMap::classNames and moduleNames arrays do not match the order
* JDK-8322830: Add test case for ZipFile opening a ZIP with no entries
* JDK-8323562: SaslInputStream.read() may return wrong value
* JDK-8323688: C2: Fix UB of jlong overflow in PhaseIdealLoop::is_counted_loop()
* JDK-8324841: PKCS11 tests still skip execution
* JDK-8324861: Exceptions::wrap_dynamic_exception() doesn't have ResourceMark
* JDK-8325038: runtime/cds/appcds/ProhibitedPackage.java can fail with UseLargePages
* JDK-8325399: Add tests for virtual threads doing Selector operations
* JDK-8325506: Ensure randomness is only read from provided SecureRandom object
* JDK-8325525: Create jtreg test case for JDK-8325203
* JDK-8325610: CTW: Add StressIncrementalInlining to stress options
* JDK-8325762: Use PassFailJFrame.Builder.splitUI() in PrintLatinCJKTest.java
* JDK-8325851: Hide PassFailJFrame.Builder constructor
* JDK-8325906: Problemlist vmTestbase/vm/mlvm/meth/stress/compiler/deoptimize/Test.java#id1 until JDK-8320865 is fixed
* JDK-8326100: DeflaterDictionaryTests should use Deflater.getBytesWritten instead of Deflater.getTotalOut
* JDK-8326121: vmTestbase/gc/g1/unloading/tests/unloading_keepRef_rootClass_inMemoryCompilation_keep_cl failed with Full gc happened. Test was useless.
* JDK-8326611: Clean up vmTestbase/nsk/stress/stack tests
* JDK-8326898: NSK tests should listen on loopback addresses only
* JDK-8327924: Simplify TrayIconScalingTest.java
* JDK-8328021: Convert applet test java/awt/List/SetFontTest/SetFontTest.html to main program
* JDK-8328242: Add a log area to the PassFailJFrame
* JDK-8328303: 3 JDI tests timed out with UT enabled
* JDK-8328379: Convert URLDragTest.html applet test to main
* JDK-8328402: Implement pausing functionality for the PassFailJFrame
* JDK-8328619: sun/management/jmxremote/bootstrap/SSLConfigFilePermissionTest.java failed with BindException: Address already in use
* JDK-8328665: serviceability/jvmti/vthread/PopFrameTest failed with a timeout
* JDK-8328723: IP Address error when client enables HTTPS endpoint check on server socket
* JDK-8329353: ResolvedReferencesNotNullTest.java failed with Incorrect resolved references array, quxString should not be archived
* JDK-8329533: TestCDSVMCrash fails on libgraal
* JDK-8330278: Have SSLSocketTemplate.doClientSide use loopback address
* JDK-8330621: Make 5 compiler tests use ProcessTools.executeProcess
* JDK-8331391: Enhance the keytool code by invoking the buildTrustedCerts method for essential options
* JDK-8331393: AArch64: u32 _partial_subtype_ctr loaded/stored as 64
* JDK-8331864: Update Public Suffix List to 1cbd6e7
* JDK-8332112: Update nsk.share.Log to don't print summary during VM shutdown hook
* JDK-8332340: Add JavacBench as a test case for CDS
* JDK-8332461: ubsan : dependencies.cpp:906:3: runtime error: load of value 4294967295, which is not a valid value for type 'DepType'
* JDK-8332724: x86 MacroAssembler may over-align code
* JDK-8332777: Update JCStress test suite
* JDK-8332866: Crash in ImageIO JPEG decoding when MEM_STATS in enabled
* JDK-8332901: Select{Current,New}ItemTest.java for Choice don't open popup on macOS
* JDK-8333098: ubsan: bytecodeInfo.cpp:318:59: runtime error: division by zero
* JDK-8333108: Update vmTestbase/nsk/share/DebugeeProcess.java to don't use finalization
* JDK-8333144: docker tests do not work when ubsan is configured
* JDK-8333235: vmTestbase/nsk/jdb/kill/kill001/kill001.java fails with C1
* JDK-8333248: VectorGatherMaskFoldingTest.java failed when maximum vector bits is 64
* JDK-8333317: Test sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java failed with: Invalid ECDH ServerKeyExchange signature
* JDK-8333427: langtools/tools/javac/newlines/NewLineTest.java is failing on Japanese Windows
* JDK-8333728: ubsan: shenandoahFreeSet.cpp:1347:24: runtime error: division by zero
* JDK-8333754: Add a Test against ECDSA and ECDH NIST Test vector
* JDK-8333824: Unused ClassValue in VarHandles
* JDK-8334057: JLinkReproducibleTest.java support receive test.tool.vm.opts
* JDK-8334405: java/nio/channels/Selector/SelectWithConsumer.java#id0 failed in testWakeupDuringSelect
* JDK-8334475: UnsafeIntrinsicsTest.java#ZGenerationalDebug assert(!assert_on_failure) failed: Has low-order bits set
* JDK-8334560: [PPC64]: postalloc_expand_java_dynamic_call_sched does not copy all fields
* JDK-8334562: Automate com/sun/security/auth/callback/TextCallbackHandler/Default.java test
* JDK-8334567: [test] runtime/os/TestTracePageSizes move ppc handling
* JDK-8334719: (se) Deferred close of SelectableChannel may result in a Selector doing the final close before concurrent I/O on channel has completed
* JDK-8335142: compiler/c1/TestTraceLinearScanLevel.java occasionally times out with -Xcomp
* JDK-8335172: Add manual steps to run security/auth/callback/TextCallbackHandler/Password.java test
* JDK-8335267: [XWayland] move screencast tokens from .awt to .java folder
* JDK-8335344: test/jdk/sun/security/tools/keytool/NssTest.java fails to compile
* JDK-8335428: Enhanced Building of Processes
* JDK-8335449: runtime/cds/DeterministicDump.java fails with File content different at byte ...
* JDK-8335530: Java file extension missing in AuthenticatorTest
* JDK-8335664: Parsing jsr broken: assert(bci>= 0 && bci < c->method()->code_size()) failed: index out of bounds
* JDK-8335709: C2: assert(!loop->is_member(get_loop(useblock))) failed: must be outside loop
* JDK-8335912, JDK-8337499: Add an operation mode to the jar command when extracting to not overwriting existing files
* JDK-8336240: Test com/sun/crypto/provider/Cipher/DES/PerformanceTest.java fails with java.lang.ArithmeticException
* JDK-8336257: Additional tests in jmxremote/startstop to match on PID not app name
* JDK-8336315: tools/jpackage/windows/WinChildProcessTest.java Failed: Check is calculator process is alive
* JDK-8336413: gtk headers : Fix typedef redeclaration of GMainContext and GdkPixbuf
* JDK-8336564: Enhance mask blit functionality redux
* JDK-8336640: Shenandoah: Parallel worker use in parallel_heap_region_iterate
* JDK-8336854: CAInterop.java#actalisauthenticationrootca conflicted with /manual and /timeout
* JDK-8336911: ZGC: Division by zero in heuristics after JDK-8332717
* JDK-8337066: Repeated call of StringBuffer.reverse with double byte string returns wrong result
* JDK-8337067: Test runtime/classFileParserBug/Bad_NCDFE_Msg.java won't compile
* JDK-8337320: Update ProblemList.txt with tests known to fail on XWayland
* JDK-8337331: crash: pinned virtual thread will lead to jvm crash when running with the javaagent option
* JDK-8337410: The makefiles should set problemlist and adjust timeout basing on the given VM flags
* JDK-8337780: RISC-V: C2: Change C calling convention for sp to NS
* JDK-8337810: ProblemList BasicDirectoryModel/LoaderThreadCount.java on Windows
* JDK-8337826: Improve logging in OCSPTimeout and SimpleOCSPResponder to help diagnose JDK-8309754
* JDK-8337851: Some tests have name which confuse jtreg
* JDK-8337876: [IR Framework] Add support for IR tests with @Stable
* JDK-8337966: (fs) Files.readAttributes fails with Operation not permitted on older docker releases
* JDK-8338058: map_or_reserve_memory_aligned Windows enhance remap assertion
* JDK-8338101: remove old remap assertion in map_or_reserve_memory_aligned after JDK-8338058
* JDK-8338109: java/awt/Mouse/EnterExitEvents/ResizingFrameTest.java duplicate in ProblemList
* JDK-8338110: Exclude Fingerprinter::do_type from ubsan checks
* JDK-8338112: Test testlibrary_tests/ir_framework/tests/TestPrivilegedMode.java fails with release build
* JDK-8338344: Test TestPrivilegedMode.java intermittent fails java.lang.NoClassDefFoundError: jdk/test/lib/Platform
* JDK-8338380: Update TLSCommon/interop/AbstractServer to specify an interface to listen for connections
* JDK-8338389: [JFR] Long strings should be added to the string pool
* JDK-8338402: GHA: some of bundles may not get removed
* JDK-8338449: ubsan: division by zero in sharedRuntimeTrans.cpp
* JDK-8338550: Do libubsan1 installation in test container only if requested
* JDK-8338748: [17u,21u] Test Disconnect.java compile error: cannot find symbol after JDK-8299813
* JDK-8338751: ConfigureNotify behavior has changed in KWin 6.2
* JDK-8338759: Add extra diagnostic to java/net/InetAddress/ptr/Lookup.java
* JDK-8338924: C1: assert(0 <= i && i < _len) failed: illegal index 5 for length 5
* JDK-8339080: Bump update version for OpenJDK: jdk-21.0.6
* JDK-8339180: Enhanced Building of Processes: Follow-on Issue
* JDK-8339248: RISC-V: Remove li64 macro assembler routine and related code
* JDK-8339384: Unintentional IOException in jdk.jdi module when JDWP end of stream occurs
* JDK-8339386: Assertion on AIX - original PC must be in the main code section of the compiled method
* JDK-8339416: [s390x] Provide implementation for resolve_global_jobject
* JDK-8339487: ProcessHandleImpl os_getChildren sysctl call - retry in case of ENOMEM and enhance exception message
* JDK-8339548: GHA: RISC-V: Use Debian snapshot archive for bootstrap
* JDK-8339560: Unaddressed comments during code review of JDK-8337664
* JDK-8339591: Mark jdk/jshell/ExceptionMessageTest.java intermittent
* JDK-8339637: (tz) Update Timezone Data to 2024b
* JDK-8339644: Improve parsing of Day/Month in tzdata rules
* JDK-8339648: ZGC: Division by zero in rule_major_allocation_rate
* JDK-8339725: Concurrent GC crashed due to GetMethodDeclaringClass
* JDK-8339731: java.desktop/share/classes/javax/swing/text/html/default.css typo in margin settings
* JDK-8339741: RISC-V: C ABI breakage for integer on stack
* JDK-8339787: Add some additional diagnostic output to java/net/ipv6tests/UdpTest.java
* JDK-8339803: Acknowledge case insensitive unambiguous keywords in tzdata files
* JDK-8339892: Several security shell tests don't set TESTJAVAOPTS
* JDK-8340007: Refactor KeyEvent/FunctionKeyTest.java
* JDK-8340008: KeyEvent/KeyTyped/Numpad1KeyTyped.java has 15 seconds timeout
* JDK-8340109: Ubsan: ciEnv.cpp:1660:65: runtime error: member call on null pointer of type 'struct CompileTask'
* JDK-8340210: Add positionTestUI() to PassFailJFrame.Builder
* JDK-8340214: C2 compilation asserts with "no node with a side effect" in PhaseIdealLoop::try_sink_out_of_loop
* JDK-8340230: Tests crash: assert(is_in_encoding_range || k->is_interface() || k->is_abstract()) failed: sanity
* JDK-8340306: Add border around instructions in PassFailJFrame
* JDK-8340308: PassFailJFrame: Make rows default to number of lines in instructions
* JDK-8340365: Position the first window of a window list
* JDK-8340383: VM issues warning failure to find kernel32.dll on Windows nanoserver
* JDK-8340387: Update OS detection code to recognize Windows Server 2025
* JDK-8340398: [JVMCI] Unintuitive behavior of UseJVMCICompiler option
* JDK-8340418: GHA: MacOS AArch64 bundles can be removed prematurely
* JDK-8340461: Amend description for logArea
* JDK-8340466: Add description for PassFailJFrame constructors
* JDK-8340552: Harden TzdbZoneRulesCompiler against missing zone names
* JDK-8340590: RISC-V: C2: Small improvement to vector gather load and scatter store
* JDK-8340632: ProblemList java/nio/channels/DatagramChannel/ for Macos
* JDK-8340657: [PPC64] SA determines wrong unextendedSP
* JDK-8340684: Reading from an input stream backed by a closed ZipFile has no test coverage
* JDK-8340785: Update description of PassFailJFrame and samples
* JDK-8340799: Add border inside instruction frame in PassFailJFrame
* JDK-8340801: Disable ubsan checks in some awt/2d coding
* JDK-8340804: doc/building.md update Xcode instructions to note that full install is required
* JDK-8340812: LambdaForm customization via MethodHandle::updateForm is not thread safe
* JDK-8340815: Add SECURITY.md file
* JDK-8340899: Remove wildcard bound in PositionWindows.positionTestWindows
* JDK-8340923: The class LogSelection copies uninitialized memory
* JDK-8341024: [test] build/AbsPathsInImage.java fails with OOM when using ubsan-enabled binaries
* JDK-8341146: RISC-V: Unnecessary fences used for load-acquire in template interpreter
* JDK-8341235: Improve default instruction frame title in PassFailJFrame
* JDK-8341261: Tests assume UnlockExperimentalVMOptions is disabled by default
* JDK-8341562: RISC-V: Generate comments in -XX:+PrintInterpreter to link to source code
* JDK-8341688: Aarch64: Generate comments in -XX:+PrintInterpreter to link to source code
* JDK-8341722: Fix some warnings as errors when building on Linux with toolchain clang
* JDK-8341806: Gcc version detection failure on Alinux3
* JDK-8341927: Replace hardcoded security providers with new test.provider.name system property
* JDK-8341997: Tests create files in src tree instead of scratch dir
* JDK-8342014: RISC-V: ZStoreBarrierStubC2 clobbers rflags
* JDK-8342063: [21u][aix] Backport introduced redundant line in ProblemList
* JDK-8342181: Update tests to use stronger Key and Salt size
* JDK-8342183: Update tests to use stronger algorithms and keys
* JDK-8342188: Update tests to use stronger key parameters and certificates
* JDK-8342409: [s390x] C1 unwind_handler fails to unlock synchronized methods with LM_MONITOR
* JDK-8342496: C2/Shenandoah: SEGV in compiled code when running jcstress
* JDK-8342578: GHA: RISC-V: Bootstrap using Debian snapshot is still failing
* JDK-8342607: Enhance register printing on x86_64 platforms
* JDK-8342669: [21u] Fix TestArrayAllocatorMallocLimit after backport of JDK-8315097
* JDK-8342681: TestLoadBypassesNullCheck.java fails improperly specified VM option
* JDK-8342701: [PPC64] TestOSRLotsOfLocals.java crashes
* JDK-8342765: [21u] RTM tests assume UnlockExperimentalVMOptions is disabled by default
* JDK-8342823: Ubsan: ciEnv.cpp:1614:65: runtime error: member call on null pointer of type 'struct CompileTask'
* JDK-8342905: Thread.setContextClassloader from thread in FJP commonPool task no longer works after JDK-8327501 redux
* JDK-8342962: [s390x] TestOSRLotsOfLocals.java crashes
* JDK-8343285: java.lang.Process is unresponsive and CPU usage spikes to 100%
* JDK-8343474: [updates] Customize README.md to specifics of update project
* JDK-8343506: [s390x] multiple test failures with ubsan
* JDK-8343724: [PPC64] Disallow OptoScheduling
* JDK-8343848: Fix typo of property name in TestOAEPPadding after 8341927
* JDK-8343877: Test AsyncClose.java intermittent fails - Socket.getInputStream().read() wasn't preempted
* JDK-8343884: [s390x] Disallow OptoScheduling
* JDK-8343923: GHA: Switch to Xcode 15 on MacOS AArch64 runners
* JDK-8344164: [s390x] ProblemList hotspot/jtreg/runtime/NMT/VirtualAllocCommitMerge.java
* JDK-8344628: Test TestEnableJVMCIProduct.java run with virtual thread intermittent fails
* JDK-8344993: [21u] [REDO] Backport JDK-8327501 and JDK-8328366 to JDK 21
* JDK-8345055: [21u] ProblemList failing rtm tests on ppc platforms
* JDK-8347010: [21u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 21.0.6

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-279=1 openSUSE-SLE-15.6-2025-279=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-279=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * java-21-openjdk-21.0.6.0-150600.3.9.1
  * java-21-openjdk-src-21.0.6.0-150600.3.9.1
  * java-21-openjdk-devel-debuginfo-21.0.6.0-150600.3.9.1
  * java-21-openjdk-headless-21.0.6.0-150600.3.9.1
  * java-21-openjdk-headless-debuginfo-21.0.6.0-150600.3.9.1
  * java-21-openjdk-jmods-21.0.6.0-150600.3.9.1
  * java-21-openjdk-devel-21.0.6.0-150600.3.9.1
  * java-21-openjdk-debuginfo-21.0.6.0-150600.3.9.1
  * java-21-openjdk-debugsource-21.0.6.0-150600.3.9.1
  * java-21-openjdk-demo-21.0.6.0-150600.3.9.1
* openSUSE Leap 15.6 (noarch)
  * java-21-openjdk-javadoc-21.0.6.0-150600.3.9.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * java-21-openjdk-21.0.6.0-150600.3.9.1
  * java-21-openjdk-devel-debuginfo-21.0.6.0-150600.3.9.1
  * java-21-openjdk-headless-21.0.6.0-150600.3.9.1
  * java-21-openjdk-headless-debuginfo-21.0.6.0-150600.3.9.1
  * java-21-openjdk-devel-21.0.6.0-150600.3.9.1
  * java-21-openjdk-debuginfo-21.0.6.0-150600.3.9.1
  * java-21-openjdk-debugsource-21.0.6.0-150600.3.9.1
  * java-21-openjdk-demo-21.0.6.0-150600.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2025-21502.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236278

From null at suse.de Wed Jan 29 08:30:21 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 29 Jan 2025 08:30:21 -0000
Subject: SUSE-SU-2025:0278-1: moderate: Security update for openvpn
Message-ID: <173813942150.22572.10334311938622133010@smelt2.prg2.suse.org>

# Security update for openvpn

Announcement ID: SUSE-SU-2025:0278-1
Release Date: 2025-01-28T23:46:50Z
Rating: moderate

References:

* bsc#1235147

Cross-References:

* CVE-2024-5594

CVSS scores:

* CVE-2024-5594 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-5594 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-5594 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for openvpn fixes the following issues:

* CVE-2024-5594: Fixed wrong handling of null bytes and invalid characters in control messages (bsc#1235147)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-278=1 openSUSE-SLE-15.6-2025-278=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-278=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * openvpn-dco-2.6.8-150600.3.14.1
  * openvpn-dco-debugsource-2.6.8-150600.3.14.1
  * openvpn-dco-debuginfo-2.6.8-150600.3.14.1
  * openvpn-debuginfo-2.6.8-150600.3.14.1
  * openvpn-auth-pam-plugin-debuginfo-2.6.8-150600.3.14.1
  * openvpn-down-root-plugin-debuginfo-2.6.8-150600.3.14.1
  * openvpn-down-root-plugin-2.6.8-150600.3.14.1
  * openvpn-auth-pam-plugin-2.6.8-150600.3.14.1
  * openvpn-devel-2.6.8-150600.3.14.1
  * openvpn-debugsource-2.6.8-150600.3.14.1
  * openvpn-dco-devel-2.6.8-150600.3.14.1
  * openvpn-2.6.8-150600.3.14.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * openvpn-dco-2.6.8-150600.3.14.1
  * openvpn-dco-debugsource-2.6.8-150600.3.14.1
  * openvpn-dco-debuginfo-2.6.8-150600.3.14.1
  * openvpn-debuginfo-2.6.8-150600.3.14.1
  * openvpn-auth-pam-plugin-debuginfo-2.6.8-150600.3.14.1
  * openvpn-auth-pam-plugin-2.6.8-150600.3.14.1
  * openvpn-devel-2.6.8-150600.3.14.1
  * openvpn-debugsource-2.6.8-150600.3.14.1
  * openvpn-dco-devel-2.6.8-150600.3.14.1
  * openvpn-2.6.8-150600.3.14.1

## References:

* https://www.suse.com/security/cve/CVE-2024-5594.html
* https://bugzilla.suse.com/show_bug.cgi?id=1235147

From null at suse.de Wed Jan 29 08:30:26 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 29 Jan 2025 08:30:26 -0000
Subject: SUSE-SU-2025:0277-1: important: Security update for amazon-ssm-agent
Message-ID: <173813942606.22572.18405995765239871794@smelt2.prg2.suse.org>

# Security update for amazon-ssm-agent

Announcement ID: SUSE-SU-2025:0277-1
Release Date: 2025-01-28T23:46:33Z
Rating: important

References:

* bsc#1235575

Cross-References:

* CVE-2025-21613

CVSS scores:

* CVE-2025-21613 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-21613 ( NVD ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear
* CVE-2025-21613 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* Public Cloud Module 15-SP3
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* Public Cloud Module 15-SP6
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for amazon-ssm-agent fixes the following issues:

Update to version 3.3.1611.0:

* CVE-2025-21613: Fixed argument injection via the URL field in github.com/go-git/go-git/v5 (bsc#1235575)

Full changelog: https://github.com/aws/amazon-ssm-agent/compare/3.1.1260.0...3.3.1611.0

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-277=1
* Public Cloud Module 15-SP3
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-277=1
* Public Cloud Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-277=1
* Public Cloud Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-277=1
* Public Cloud Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-277=1

## Package List:

* openSUSE Leap 15.6 (aarch64 x86_64)
  * amazon-ssm-agent-3.3.1611.0-150000.5.20.1
* Public Cloud Module 15-SP3 (aarch64 x86_64)
  * amazon-ssm-agent-3.3.1611.0-150000.5.20.1
* Public Cloud Module 15-SP4 (aarch64 x86_64)
  * amazon-ssm-agent-3.3.1611.0-150000.5.20.1
* Public Cloud Module 15-SP5 (aarch64 x86_64)
  * amazon-ssm-agent-3.3.1611.0-150000.5.20.1
* Public Cloud Module 15-SP6 (aarch64 x86_64)
  * amazon-ssm-agent-3.3.1611.0-150000.5.20.1

## References:

* https://www.suse.com/security/cve/CVE-2025-21613.html
* https://bugzilla.suse.com/show_bug.cgi?id=1235575

From null at suse.de Wed Jan 29 12:30:08 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 29 Jan 2025 12:30:08 -0000
Subject: SUSE-SU-2025:0282-1: important: Security update for nginx
Message-ID: <173815380858.24850.14487538413114576356@smelt2.prg2.suse.org>

# Security update for nginx

Announcement ID: SUSE-SU-2025:0282-1
Release Date: 2025-01-29T08:04:15Z
Rating: important

References:

* bsc#1216171
* bsc#1229155

Cross-References:

* CVE-2023-44487
* CVE-2024-7347

CVSS scores:

* CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-7347 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-7347 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-7347 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-7347 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-7347 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for nginx fixes the following issues:

* CVE-2023-44487: Mitigate HTTP/2 Rapid Reset Attack (bsc#1216171)
* CVE-2024-7347: Fixed worker crashes on special crafted mp4 files containing invalid chunk information (bsc#1229155)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-282=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-282=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-282=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-282=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-282=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-282=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-282=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-282=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-282=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-282=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-282=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-282=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * nginx-1.21.5-150400.3.6.1
  * nginx-debuginfo-1.21.5-150400.3.6.1
  * nginx-debugsource-1.21.5-150400.3.6.1
* openSUSE Leap 15.4 (noarch)
  * nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * nginx-1.21.5-150400.3.6.1
  * nginx-debuginfo-1.21.5-150400.3.6.1
  * nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * nginx-1.21.5-150400.3.6.1
  * nginx-debuginfo-1.21.5-150400.3.6.1
  * nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * nginx-1.21.5-150400.3.6.1
  * nginx-debuginfo-1.21.5-150400.3.6.1
  * nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
  * nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * nginx-1.21.5-150400.3.6.1
  * nginx-debuginfo-1.21.5-150400.3.6.1
  * nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
  * nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * nginx-1.21.5-150400.3.6.1
  * nginx-debuginfo-1.21.5-150400.3.6.1
  * nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  * nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * nginx-1.21.5-150400.3.6.1
  * nginx-debuginfo-1.21.5-150400.3.6.1
  * nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
  * nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * nginx-1.21.5-150400.3.6.1
  * nginx-debuginfo-1.21.5-150400.3.6.1
  * nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * nginx-source-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * nginx-1.21.5-150400.3.6.1
  * nginx-debuginfo-1.21.5-150400.3.6.1
  * nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
  * nginx-source-1.21.5-150400.3.6.1
* SUSE Manager Proxy 4.3 (x86_64)
  * nginx-1.21.5-150400.3.6.1
  * nginx-debuginfo-1.21.5-150400.3.6.1
  * nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Manager Proxy 4.3 (noarch)
  * nginx-source-1.21.5-150400.3.6.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
  * nginx-1.21.5-150400.3.6.1
  * nginx-debuginfo-1.21.5-150400.3.6.1
  * nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
  * nginx-source-1.21.5-150400.3.6.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
  * nginx-1.21.5-150400.3.6.1
  * nginx-debuginfo-1.21.5-150400.3.6.1
  * nginx-debugsource-1.21.5-150400.3.6.1
* SUSE Manager Server 4.3 (noarch)
  * nginx-source-1.21.5-150400.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-44487.html
* https://www.suse.com/security/cve/CVE-2024-7347.html
* https://bugzilla.suse.com/show_bug.cgi?id=1216171
* https://bugzilla.suse.com/show_bug.cgi?id=1229155
URL: From null at suse.de Wed Jan 29 16:30:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 Jan 2025 16:30:23 -0000 Subject: SUSE-SU-2025:0285-1: important: Security update for go1.24 Message-ID: <173816822330.22572.12286584953846040254@smelt2.prg2.suse.org> # Security update for go1.24 Announcement ID: SUSE-SU-2025:0285-1 Release Date: 2025-01-29T14:31:49Z Rating: important References: * bsc#1236045 * bsc#1236046 * bsc#1236217 * bsc#1236360 * bsc#1236361 Cross-References: * CVE-2024-45336 * CVE-2024-45340 * CVE-2024-45341 * CVE-2025-22865 CVSS scores: * CVE-2024-45336 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-45340 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L * CVE-2024-45340 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45341 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2025-22865 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22865 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux 
Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.24 fixes the following issues: This update ships go1.24rc2 (bsc#1236217). * CVE-2024-45341: Properly check for IPv6 hosts in URIs (bsc#1236045) * CVE-2024-45336: Persist header stripping across repeated redirects (bsc#1236046) * CVE-2025-22865: Avoid panic when parsing partial PKCS#1 private keys (bsc#1236361) * CVE-2024-45340: Restore netrc preferences for GOAUTH and fix domain lookup (bsc#1236360) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-285=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-285=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-285=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-285=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-285=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-285=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-285=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-285=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-285=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch 
SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-285=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-285=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-285=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-285=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-285=1 ## Package List: * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24rc2-150000.1.3.1 * go1.24-1.24rc2-150000.1.3.1 * go1.24-doc-1.24rc2-150000.1.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24rc2-150000.1.3.1 * go1.24-1.24rc2-150000.1.3.1 * go1.24-doc-1.24rc2-150000.1.3.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24rc2-150000.1.3.1 * go1.24-1.24rc2-150000.1.3.1 * go1.24-doc-1.24rc2-150000.1.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.24-race-1.24rc2-150000.1.3.1 * go1.24-1.24rc2-150000.1.3.1 * go1.24-doc-1.24rc2-150000.1.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.24-race-1.24rc2-150000.1.3.1 * go1.24-1.24rc2-150000.1.3.1 * go1.24-doc-1.24rc2-150000.1.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.24-race-1.24rc2-150000.1.3.1 * go1.24-1.24rc2-150000.1.3.1 * go1.24-doc-1.24rc2-150000.1.3.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.24-race-1.24rc2-150000.1.3.1 * go1.24-1.24rc2-150000.1.3.1 * go1.24-doc-1.24rc2-150000.1.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24rc2-150000.1.3.1 * go1.24-1.24rc2-150000.1.3.1 * go1.24-doc-1.24rc2-150000.1.3.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * 
go1.24-race-1.24rc2-150000.1.3.1 * go1.24-1.24rc2-150000.1.3.1 * go1.24-doc-1.24rc2-150000.1.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.24-race-1.24rc2-150000.1.3.1 * go1.24-1.24rc2-150000.1.3.1 * go1.24-doc-1.24rc2-150000.1.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.24-race-1.24rc2-150000.1.3.1 * go1.24-1.24rc2-150000.1.3.1 * go1.24-doc-1.24rc2-150000.1.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.24-race-1.24rc2-150000.1.3.1 * go1.24-1.24rc2-150000.1.3.1 * go1.24-doc-1.24rc2-150000.1.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.24-race-1.24rc2-150000.1.3.1 * go1.24-1.24rc2-150000.1.3.1 * go1.24-doc-1.24rc2-150000.1.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.24-race-1.24rc2-150000.1.3.1 * go1.24-1.24rc2-150000.1.3.1 * go1.24-doc-1.24rc2-150000.1.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45336.html * https://www.suse.com/security/cve/CVE-2024-45340.html * https://www.suse.com/security/cve/CVE-2024-45341.html * https://www.suse.com/security/cve/CVE-2025-22865.html * https://bugzilla.suse.com/show_bug.cgi?id=1236045 * https://bugzilla.suse.com/show_bug.cgi?id=1236046 * https://bugzilla.suse.com/show_bug.cgi?id=1236217 * https://bugzilla.suse.com/show_bug.cgi?id=1236360 * https://bugzilla.suse.com/show_bug.cgi?id=1236361
From null at suse.de Wed Jan 29 16:30:29 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 29 Jan 2025 16:30:29 -0000
Subject: SUSE-SU-2025:0284-1: important: Security update for nodejs22
Message-ID: <173816822906.22572.15474214993257145555@smelt2.prg2.suse.org>

# Security update for nodejs22

Announcement ID: SUSE-SU-2025:0284-1
Release Date: 2025-01-29T13:47:59Z
Rating: important

References:

* bsc#1236250
* bsc#1236251
* bsc#1236258

Cross-References:

* CVE-2025-22150
* CVE-2025-23083
* CVE-2025-23085

CVSS scores:

* CVE-2025-22150 ( SUSE ): 7.4 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-22150 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-22150 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-23083 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-23083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-23083 ( NVD ): 7.7 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-23085 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-23085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* Web and Scripting Module 15-SP6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for nodejs22 fixes the following issues:

Update to 22.13.1:

* CVE-2025-23083: Fixed worker permission bypass via InternalWorker leak in diagnostics (bsc#1236251)
* CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERR_PROTO (bsc#1236250)
* CVE-2025-22150: Fixed insufficiently random values used when defining the boundary for a multipart/form-data request in undici (bsc#1236258)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Web and Scripting Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-284=1
* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-284=1 openSUSE-SLE-15.6-2025-284=1

## Package List:

* Web and Scripting Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * nodejs22-debugsource-22.13.1-150600.13.6.1
  * nodejs22-22.13.1-150600.13.6.1
  * nodejs22-devel-22.13.1-150600.13.6.1
  * npm22-22.13.1-150600.13.6.1
  * nodejs22-debuginfo-22.13.1-150600.13.6.1
* Web and Scripting Module 15-SP6 (noarch)
  * nodejs22-docs-22.13.1-150600.13.6.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * nodejs22-debugsource-22.13.1-150600.13.6.1
  * corepack22-22.13.1-150600.13.6.1
  * nodejs22-22.13.1-150600.13.6.1
  * nodejs22-devel-22.13.1-150600.13.6.1
  * npm22-22.13.1-150600.13.6.1
  * nodejs22-debuginfo-22.13.1-150600.13.6.1
* openSUSE Leap 15.6 (noarch)
  * nodejs22-docs-22.13.1-150600.13.6.1

## References:

* https://www.suse.com/security/cve/CVE-2025-22150.html
* https://www.suse.com/security/cve/CVE-2025-23083.html
* https://www.suse.com/security/cve/CVE-2025-23085.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236250
* https://bugzilla.suse.com/show_bug.cgi?id=1236251
* https://bugzilla.suse.com/show_bug.cgi?id=1236258

From null at suse.de Wed Jan 29 16:30:35 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 29 Jan 2025 16:30:35 -0000
Subject: SUSE-SU-2025:0283-1: important: Security update for nginx
Message-ID: <173816823598.22572.9915528895260380212@smelt2.prg2.suse.org>

# Security update for nginx

Announcement ID: SUSE-SU-2025:0283-1
Release Date: 2025-01-29T12:33:31Z
Rating: important

References:

* bsc#1216171
* bsc#1229155

Cross-References:

* CVE-2023-44487
* CVE-2024-7347

CVSS scores:

* CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-7347 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-7347 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-7347 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-7347 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-7347 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for nginx fixes the following issues:

* CVE-2023-44487: Mitigate HTTP/2 Rapid Reset Attack (bsc#1216171)
* CVE-2024-7347: Fixed worker crashes on specially crafted mp4 files containing invalid chunk information (bsc#1229155)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-283=1 openSUSE-SLE-15.6-2025-283=1
* Server Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-283=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * nginx-debugsource-1.21.5-150600.10.3.1
  * nginx-debuginfo-1.21.5-150600.10.3.1
  * nginx-1.21.5-150600.10.3.1
* openSUSE Leap 15.6 (noarch)
  * nginx-source-1.21.5-150600.10.3.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * nginx-debugsource-1.21.5-150600.10.3.1
  * nginx-debuginfo-1.21.5-150600.10.3.1
  * nginx-1.21.5-150600.10.3.1
* Server Applications Module 15-SP6 (noarch)
  * nginx-source-1.21.5-150600.10.3.1

## References:

* https://www.suse.com/security/cve/CVE-2023-44487.html
* https://www.suse.com/security/cve/CVE-2024-7347.html
* https://bugzilla.suse.com/show_bug.cgi?id=1216171
* https://bugzilla.suse.com/show_bug.cgi?id=1229155

From null at suse.de Wed Jan 29 20:30:05 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 29 Jan 2025 20:30:05 -0000
Subject: SUSE-SU-2025:0291-1: moderate: Security update for iperf
Message-ID: <173818260540.22572.13176209427854380800@smelt2.prg2.suse.org>

# Security update for iperf

Announcement ID: SUSE-SU-2025:0291-1
Release Date: 2025-01-29T16:12:00Z
Rating: moderate

References:

* bsc#1234705

Cross-References:

* CVE-2024-53580

CVSS scores:

* CVE-2024-53580 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53580 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-53580 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for iperf fixes the following issues:

* Update to version 3.18
* CVE-2024-53580: Fixed a segmentation violation via the iperf_exchange_parameters() function. (bsc#1234705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-291=1
* SUSE Package Hub 15 15-SP6
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-291=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2025-291=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * iperf-3.18-150000.3.12.1
  * iperf-devel-3.18-150000.3.12.1
  * iperf-debugsource-3.18-150000.3.12.1
  * libiperf0-3.18-150000.3.12.1
  * libiperf0-debuginfo-3.18-150000.3.12.1
  * iperf-debuginfo-3.18-150000.3.12.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
  * iperf-3.18-150000.3.12.1
  * iperf-devel-3.18-150000.3.12.1
  * iperf-debugsource-3.18-150000.3.12.1
  * libiperf0-3.18-150000.3.12.1
  * libiperf0-debuginfo-3.18-150000.3.12.1
  * iperf-debuginfo-3.18-150000.3.12.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
  * iperf-3.18-150000.3.12.1
  * iperf-debugsource-3.18-150000.3.12.1
  * libiperf0-3.18-150000.3.12.1
  * libiperf0-debuginfo-3.18-150000.3.12.1
  * iperf-debuginfo-3.18-150000.3.12.1

## References:

* https://www.suse.com/security/cve/CVE-2024-53580.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234705

From null at suse.de Wed Jan 29 20:30:12 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 29 Jan 2025 20:30:12 -0000
Subject: SUSE-SU-2025:0290-1: important: Security update for hplip
Message-ID: <173818261236.22572.2693023195461684418@smelt2.prg2.suse.org>

# Security update for hplip

Announcement ID: SUSE-SU-2025:0290-1
Release Date: 2025-01-29T16:11:41Z
Rating: important

References:

* bsc#1209401
* bsc#1214399
* bsc#1225777
* bsc#1234745
* jsc#PED-11978
* jsc#PED-5846

Cross-References:

* CVE-2020-6923

CVSS scores:

* CVE-2020-6923 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2020-6923 ( NVD ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability, contains two features and has three security fixes can now be installed.

## Description:

This update for hplip fixes the following issues:

This update for hplip fixes the following security issues:

* CVE-2020-6923: Fixed a memory buffer overflow in the HP Linux Imaging and Printing (HPLIP).
(bsc#1234745) This update for hplip fixes the following issues: Update to hplip 3.24.4 (jsc#PED-5846) * Added support for new printers: * Digital Sender Flow 8500 fn2 * HP Color LaserJet Managed FlowMFP E786z * HP Color LaserJet E85055dn * HP Color LaserJet Enterprise 5700 * HP Color LaserJet Enterprise 5700dn * HP Color LaserJet Enterprise 6700 * HP Color LaserJet Enterprise 6700dn * HP Color LaserJet Enterprise 6701 * HP Color LaserJet Enterprise 6701dn * HP Color LaserJet Enterprise Flow MFP 5800zf * HP Color LaserJet Enterprise Flow MFP 6800zf * HP Color LaserJet Enterprise Flow MFP 6800zfsw * HP Color LaserJet Enterprise Flow MFP 6800zfw+ * HP Color LaserJet Enterprise Flow MFP 6801zfw+ * HP Color LaserJet Enterprise Flow MFP M578c * HP Color LaserJet Enterprise Flow MFP M578z * HP Color LaserJet Enterprise Flow MFP X57945z * HP Color LaserJet Enterprise Flow MFP X57945zs * HP Color LaserJet Enterprise Flow MFP X58045z * HP Color LaserJet Enterprise Flow MFP X58045zs * HP Color LaserJet Enterprise Flow MFP X67755z+ * HP Color LaserJet Enterprise Flow MFP X67755zs * HP Color LaserJet Enterprise Flow MFP X67765z+ * HP Color LaserJet Enterprise Flow MFP X67765zs * HP Color LaserJet Enterprise Flow MFP X677z * HP Color LaserJet Enterprise Flow MFP X677z+ * HP Color LaserJet Enterprise Flow MFP X677zs * HP Color LaserJet Enterprise M455dn * HP Color LaserJet Enterprise M554dn * HP Color LaserJet Enterprise M555dn * HP Color LaserJet Enterprise M555x * HP Color LaserJet Enterprise M751dn * HP Color LaserJet Enterprise M751n * HP Color LaserJet Enterprise MFP 5800 * HP Color LaserJet Enterprise MFP 5800dn * HP Color LaserJet Enterprise MFP 5800f * HP Color LaserJet Enterprise MFP 6800 * HP Color LaserJet Enterprise MFP 6800dn * HP Color LaserJet Enterprise MFP 6801 * HP Color LaserJet Enterprise MFP 6801 zfsw * HP Color LaserJet Enterprise MFP M480f * HP Color LaserJet Enterprise MFP M578dn * HP Color LaserJet Enterprise MFP M578f * HP Color LaserJet Enterprise MFP 
X57945 * HP Color LaserJet Enterprise MFP X57945dn * HP Color LaserJet Enterprise MFP X58045 * HP Color LaserJet Enterprise MFP X58045dn * HP Color LaserJet Enterprise MFP X677 * HP Color LaserJet Enterprise MFP X677 55 to 65ppm License * HP Color LaserJet Enterprise MFP X677 65ppm * HP Color LaserJet Enterprise MFP X67755dn * HP Color LaserJet Enterprise MFP X67765dn * HP Color LaserJet Enterprise MFP X677dn * HP Color LaserJet Enterprise MFP X677s * HP Color LaserJet Enterprise X55745 * HP Color LaserJet Enterprise X55745dn * HP Color LaserJet Enterprise X654 * HP Color LaserJet Enterprise X654 55 to 65ppm License * HP Color LaserJet Enterprise X654 65 PPM * HP Color LaserJet Enterprise X654 Down License * HP Color LaserJet Enterprise X65455dn * HP Color LaserJet Enterprise X65465dn * HP Color LaserJet Enterprise X654dn * HP Color LaserJet Flow MFP M776z * HP Color LaserJet Flow MFP M776zs * HP Color LaserJet M856dn * HP Color LaserJet M856x * HP Color LaserJet Managed E45028dn * HP Color LaserJet Managed E55040dn * HP Color LaserJet Managed E55040dw * HP Color LaserJet Managed E65150dn * HP Color LaserJet Managed E65160dn * HP Color LaserJet Managed E75245dn * HP Color LaserJet Managed Flow MFP E57540c * HP Color LaserJet Managed Flow MFP E67660z * HP Color LaserJet Managed Flow MFP E78323z * HP Color LaserJet Managed Flow MFP E78325dn CN * HP Color LaserJet Managed Flow MFP E78325z CN * HP Color LaserJet Managed Flow MFP E78325z Plus * HP Color LaserJet Managed Flow MFP E78330z CN * HP Color LaserJet Managed Flow MFP E78330z Plus * HP Color LaserJet Managed Flow MFP E78625z * HP Color LaserJet Managed Flow MFP E78630z * HP Color LaserJet Managed Flow MFP E78635z * HP Color LaserJet Managed Flow MFP E87740z * HP Color LaserJet Managed Flow MFP E87750z * HP Color LaserJet Managed Flow MFP E87760z * HP Color LaserJet Managed Flow MFP E87770z * HP Color LaserJet Managed Flow MFP E877z * HP Color LaserJet Managed MFP E47528f * HP Color LaserJet Managed MFP 
E57540dn * HP Color LaserJet Managed MFP E67650dh * HP Color LaserJet Managed MFP E77422a * HP Color LaserJet Managed MFP E77422a-dv-dn * HP Color LaserJet Managed MFP E77422dn * HP Color LaserJet Managed MFP E77422dv * HP Color LaserJet Managed MFP E77428dn * HP Color LaserJet Managed MFP E77428dn * HP Color LaserJet Managed MFP E78223a * HP Color LaserJet Managed MFP E78223dn * HP Color LaserJet Managed MFP E78223dv * HP Color LaserJet Managed MFP E78228dn * HP Color LaserJet Managed MFP E78228dn CN * HP Color LaserJet Managed MFP E78228dn Plus * HP Color LaserJet Managed MFP E78323dn * HP Color LaserJet Managed MFP E78325dn * HP Color LaserJet Managed MFP E78325z * HP Color LaserJet Managed MFP E78330dn * HP Color LaserJet Managed MFP E78330z * HP Color LaserJet Managed MFP E78523dn * HP Color LaserJet Managed MFP E78528dn * HP Color LaserJet Managed MFP E785dn * HP Color LaserJet Managed MFP E786 Core Printer * HP Color LaserJet Managed MFP E78625dn * HP Color LaserJet Managed MFP E78630dn * HP Color LaserJet Managed MFP E78635dn * HP Color LaserJet Managed MFP E786dn * HP Color LaserJet Managed MFP E87640 du * HP Color LaserJet Managed MFP E87640-50-60 dn-du-z * HP Color LaserJet Managed MFP E87650du * HP Color LaserJet Managed MFP E87660du * HP Color LaserJet Managed MFP E877 Core Printer * HP Color LaserJet Managed MFP E87740dn * HP Color LaserJet Managed MFP E87750dn * HP Color LaserJet Managed MFP E87760dn * HP Color LaserJet Managed MFP E87770dn * HP Color LaserJet Managed MFP E877dn * HP Color LaserJet MFP M776dn * HP Color LaserJet Mgd Flw MFPE78323z CN * HP Color LaserJet Mgd Flw MFPE78323Z Plus * HP Color LaserJet Mngd MFP E78223dn CN * HP Color LaserJet Mngd MFP E78223dn Plus * HP Color LaserJet Mngd MFP E78323dn CN * HP Color LaserJet Mngd MFP E78323dn Plus * HP Color LaserJet Mngd MFP E78330dn CN * HP Color LaserJet Mngd MFP E78330dn Plus * HP Color LaserJet Pro 4201cdne * HP Color LaserJet Pro 4201cdwe * HP Color LaserJet Pro 4201dne * HP Color 
LaserJet Pro 4201dwe * HP Color LaserJet Pro 4202dn * HP Color LaserJet Pro 4202dne * HP Color LaserJet Pro 4202dw * HP Color LaserJet Pro 4202dwe * HP Color LaserJet Pro 4203cdn * HP Color LaserJet Pro 4203cdw * HP Color LaserJet Pro 4203dn * HP Color LaserJet Pro 4203dw * HP Color LaserJet Pro M155a * HP Color LaserJet Pro M155nw * HP Color LaserJet Pro M156a * HP Color LaserJet Pro M156nw * HP Color LaserJet Pro M255dn * HP Color LaserJet Pro M255dw * HP Color LaserJet Pro M255nw * HP Color LaserJet Pro M256dn * HP Color LaserJet Pro M256dw * HP Color LaserJet Pro M256nw * HP Color LaserJet Pro M453cdn * HP Color LaserJet Pro M453cdw * HP Color LaserJet Pro M454cdn * HP Color LaserJet Pro M454cdw * HP Color LaserJet Pro M454dn * HP Color LaserJet Pro M454dw * HP Color LaserJet Pro M454nw * HP Color LaserJet Pro MFP 4301cdwe * HP Color LaserJet Pro MFP 4301cfdne * HP Color LaserJet Pro MFP 4301cfdwe * HP Color LaserJet Pro MFP 4301fdne * HP Color LaserJet Pro MFP 4301fdwe * HP Color LaserJet Pro MFP 4302cdwe * HP Color LaserJet Pro MFP 4302dwe * HP Color LaserJet Pro MFP 4302fdn * HP Color LaserJet Pro MFP 4302fdne * HP Color LaserJet Pro MFP 4302fdw * HP Color LaserJet Pro MFP 4302fdwe * HP Color LaserJet Pro MFP 4303cdw * HP Color LaserJet Pro MFP 4303cfdn * HP Color LaserJet Pro MFP 4303cfdw * HP Color LaserJet Pro MFP 4303dw * HP Color LaserJet Pro MFP 4303fdn * HP Color LaserJet Pro MFP 4303fdw * HP Color LaserJet Pro MFP M182n * HP Color LaserJet Pro MFP M182nw * HP Color LaserJet Pro MFP M183fw * HP Color LaserJet Pro MFP M184n * HP Color LaserJet Pro MFP M184nw * HP Color LaserJet Pro MFP M185fw * HP Color LaserJet Pro MFP M282nw * HP Color LaserJet Pro MFP M283cdw * HP Color LaserJet Pro MFP M283fdn * HP Color LaserJet Pro MFP M283fdw * HP Color LaserJet Pro MFP M284nw * HP Color LaserJet Pro MFP M285cdw * HP Color LaserJet Pro MFP M285fdn * HP Color LaserJet Pro MFP M285fdw * HP Color LaserJet Pro MFP M478fcdn * HP Color LaserJet Pro MFP M478fcdw * HP 
Color LaserJet Pro MFP M479dw * HP Color LaserJet Pro MFP M479fcdn * HP Color LaserJet Pro MFP M479fcdw * HP Color LaserJet Pro MFP M479fdn * HP Color LaserJet Pro MFP M479fdw * HP Color LaserJet Pro MFP M479fnw * HP DesignJet T1530 Postscript * HP DesignJet T1600 Postscript Printer * HP DesignJet T1600dr Postscript Printer * HP DesignJet T1708 PostScript * HP DesignJet T1708dr PostScript * HP DesignJet T2530 Postscript * HP DesignJet T2600 Postscript MFP * HP DesignJet T2600dr Postscript MFP * HP DesignJet T930 Postscript * HP DesignJet XL 3600 PS MFP * HP DesignJet Z6 24in * HP DesignJet Z6 44in * HP DesignJet Z6 Pro 64in * HP DesignJet Z6dr 44in * HP DesignJet Z9 24in * HP DesignJet Z9 44in * HP DesignJet Z9 Pro 64in * HP DesignJet Z9dr 44in * HP DeskJet 1200 * HP DeskJet 2300 All-in-One * HP DeskJet 2700 All-in-One Printer series * HP DeskJet 2800 All-in-One Printer series * HP DeskJet 2800e All-in-One Printer series * HP DeskJet 4200 All-in-One Printer series * HP DeskJet 4200e All-in-One Printer series * HP DeskJet Ink Advantage 1200 * HP DeskJet Ink Advantage 2300 All-in-One * HP DeskJet Ink Advantage 2700 All-in-One Printer series * HP DeskJet Ink Advantage 2800 All-in-One Printer series * HP DeskJet Ink Advantage 4100 All-in-One Printer series * HP DeskJet Ink Advantage 4200 All-in-One Printer series * HP DeskJet Ink Advantage Ultra 4800 All-in-One Printer series * HP DeskJet Ink Advantage Ultra 4900 All-in-One Printer series * HP DeskJet Plus 4100 All-in-One Printer series * HP DeskJet Plus 6000 series * HP DeskJet Plus 6400 series * HP ENVY 6000 series * HP Envy 6400 series * HP ENVY Inspire 7200e series * HP ENVY Inspire 7900e series * HP ENVY Pro 6400 series * HP Ink Tank 115 * HP Ink Tank 310 * HP Ink Tank Wireless 410 * HP Lasejet M211d * HP Laser NS 1020 * HP Laser NS 1020n * HP Laser NS 1020w * HP Laser NS MFP 1005 * HP Laser NS MFP 1005n * HP Laser NS MFP 1005w * HP LaserJet Enterprise Flow MFP M528c * HP LaserJet Enterprise Flow MFP M528z * HP 
LaserJet Enterprise Flow MFP M634h * HP LaserJet Enterprise Flow MFP M635z * HP LaserJet Enterprise Flow MFP M636z * HP LaserJet Enterprise M406dn * HP LaserJet Enterprise M407dn * HP LaserJet Enterprise M507dn * HP LaserJet Enterprise M507dng * HP LaserJet Enterprise M507n * HP LaserJet Enterprise M507x * HP LaserJet Enterprise M610dn * HP LaserJet Enterprise M611dn * HP LaserJet Enterprise M611x * HP LaserJet Enterprise M612dn * HP LaserJet Enterprise M612x * HP LaserJet Enterprise MFP M430f * HP LaserJet Enterprise MFP M431f * HP LaserJet Enterprise MFP M528dn * HP LaserJet Enterprise MFP M528f * HP LaserJet Enterprise MFP M634dn * HP LaserJet Enterprise MFP M634z * HP LaserJet Enterprise MFP M635fht * HP LaserJet Enterprise MFP M635h * HP LaserJet Enterprise MFP M636fh * HP LaserJet M109a * HP LaserJet M109w * HP LaserJet M109we * HP LaserJet M110a * HP LaserJet M110w * HP LaserJet M110we * HP LaserJet M111a * HP LaserJet M111w * HP LaserJet M111we * HP LaserJet M112a * HP LaserJet M112w * HP LaserJet M112we * HP Laserjet M207d * HP Laserjet M207dw * HP Laserjet M208d * HP Laserjet M208dw * HP Laserjet M209d * HP Laserjet M209dw * HP Laserjet M209dwe * HP Laserjet M210d * HP Laserjet M210dw * HP Laserjet M210dwe * HP Laserjet M211dw * HP Laserjet M212d * HP Laserjet M212dw * HP LaserJet M212dwe * HP LaserJet Managed E40040dn * HP LaserJet Managed E50145dn * HP LaserJet Managed E50145x * HP LaserJet Managed E60155dn * HP LaserJet Managed E60165dn * HP LaserJet Managed E60175dn * HP LaserJet Managed Flow MFP E52645c * HP LaserJet Managed Flow MFP E62665h * HP LaserJet Managed Flow MFP E62665z * HP LaserJet Managed Flow MFP E62675z * HP LaserJet Managed Flow MFP E72525-30-35 Printer * HP LaserJet Managed Flow MFP E73130z * HP LaserJet Managed Flow MFP E73135z * HP LaserJet Managed Flow MFP E73140z * HP LaserJet Managed Flow MFP E731z * HP LaserJet Managed Flow MFP E77822-28-30 Printer * HP LaserJet Managed Flow MFP E82540-50-60 Printer * HP LaserJet Managed Flow 
MFP E82650z * HP LaserJet Managed Flow MFP E82660z * HP LaserJet Managed Flow MFP E82670z * HP LaserJet Managed Flow MFP E826z * HP LaserJet Managed Flow MFP E87640-50-60 Printer * HP LaserJet Managed MFP E42540f * HP LaserJet Managed MFP E52645dn * HP LaserJet Managed MFP E62655dn * HP LaserJet Managed MFP E62665hs * HP LaserJet Managed MFP E72525-30-35 Printer * HP LaserJet Managed MFP E73025dn * HP LaserJet Managed MFP E73030dn * HP LaserJet Managed MFP E730dn * HP LaserJet Managed MFP E731 Core Printer * HP LaserJet Managed MFP E73130dn * HP LaserJet Managed MFP E73135dn * HP LaserJet Managed MFP E73140dn * HP LaserJet Managed MFP E731dn * HP LaserJet Managed MFP E77822-28-30 Printer * HP LaserJet Managed MFP E82540-50-60 dn-du-z * HP LaserJet Managed MFP E82540-50-60 Printer * HP LaserJet Managed MFP E82540du * HP LaserJet Managed MFP E82550du * HP LaserJet Managed MFP E82560du * HP LaserJet Managed MFP E826 Core Printer * HP LaserJet Managed MFP E82650dn * HP LaserJet Managed MFP E82660dn * HP LaserJet Managed MFP E82670dn * HP LaserJet Managed MFP E826dn * HP LaserJet Managed MFP E87640-50-60 Printer * HP LaserJet MFP E72425a * HP LaserJet MFP E72425a-dv-dn * HP LaserJet MFP E72425dn * HP LaserJet MFP E72425dv * HP LaserJet MFP E72430dn * HP LaserJet MFP E72430dn * HP LaserJet MFP M139a * HP LaserJet MFP M139w * HP LaserJet MFP M139we * HP LaserJet MFP M140a * HP LaserJet MFP M140w * HP LaserJet MFP M140we * HP LaserJet MFP M141a * HP LaserJet MFP M141w * HP LaserJet MFP M141we * HP LaserJet MFP M142a * HP LaserJet MFP M142w * HP LaserJet MFP M142we * HP LaserJet MFP M232d * HP LaserJet MFP M232dw * HP LaserJet MFP M232dwc * HP LaserJet MFP M232sdn * HP LaserJet MFP M232sdw * HP LaserJet MFP M233d * HP LaserJet MFP M233dw * HP LaserJet MFP M233sdn * HP LaserJet MFP M233sdw * HP LaserJet MFP M234dw * HP LaserJet MFP M234dwe * HP LaserJet MFP M234sdn * HP LaserJet MFP M234sdne * HP LaserJet MFP M234sdw * HP LaserJet MFP M234sdwe * HP LaserJet MFP M235d * HP 
LaserJet MFP M235dw * HP LaserJet MFP M235dwe * HP LaserJet MFP M235sdn * HP LaserJet MFP M235sdne * HP LaserJet MFP M235sdw * HP LaserJet MFP M235sdwe * HP LaserJet MFP M236d * HP LaserJet MFP M236dw * HP LaserJet MFP M236sdn * HP LaserJet MFP M236sdw * HP LaserJet MFP M237d * HP LaserJet MFP M237dw * HP LaserJet MFP M237dwe * HP LaserJet MFP M237sdn * HP LaserJet MFP M237sdne * HP LaserJet MFP M237sdw * HP LaserJet MFP M237sdwe * HP LaserJet Pro 3001dn * HP LaserJet Pro 3001dne * HP LaserJet Pro 3001dw * HP LaserJet Pro 3001dwe * HP LaserJet Pro 3002dn * HP LaserJet Pro 3002dne * HP LaserJet Pro 3002dw * HP LaserJet Pro 3002dwe * HP LaserJet Pro 3003dn * HP LaserJet Pro 3003dw * HP LaserJet Pro 3004dn * HP LaserJet Pro 3004dw * HP LaserJet Pro 4001d * HP LaserJet Pro 4001de * HP LaserJet Pro 4001dn * HP LaserJet Pro 4001dne * HP LaserJet Pro 4001dw * HP LaserJet Pro 4001dwe * HP LaserJet Pro 4001n * HP LaserJet Pro 4001ne * HP LaserJet Pro 4002d * HP LaserJet Pro 4002de * HP LaserJet Pro 4002dn * HP LaserJet Pro 4002dne * HP LaserJet Pro 4002dw * HP LaserJet Pro 4002dwe * HP LaserJet Pro 4002n * HP LaserJet Pro 4002ne * HP LaserJet Pro 4003d * HP LaserJet Pro 4003dn * HP LaserJet Pro 4003dw * HP LaserJet Pro 4003n * HP LaserJet Pro 4004d * HP LaserJet Pro 4004dn * HP LaserJet Pro 4004dw * HP LaserJet Pro M118dw * HP LaserJet Pro M118dw * HP LaserJet Pro M119dw * HP LaserJet Pro M119dw * HP LaserJet Pro M304a * HP LaserJet Pro M305d * HP LaserJet Pro M305dn * HP LaserJet Pro M305dw * HP LaserJet Pro M404c1 * HP LaserJet Pro M404c2 * HP LaserJet Pro M404c3 * HP LaserJet Pro M404c4 * HP LaserJet Pro M404d * HP LaserJet Pro M404dn * HP LaserJet Pro M404dw * HP LaserJet Pro M404m * HP LaserJet Pro M404n * HP LaserJet Pro M405d * HP LaserJet Pro M405dn * HP LaserJet Pro M405dw * HP LaserJet Pro M405n * HP LaserJet Pro MFP 3101fdn * HP LaserJet Pro MFP 3101fdne * HP LaserJet Pro MFP 3101fdw * HP LaserJet Pro MFP 3101fdwe * HP LaserJet Pro MFP 3102fdn * HP LaserJet Pro 
MFP 3102fdne * HP LaserJet Pro MFP 3102fdw * HP LaserJet Pro MFP 3102fdwe * HP LaserJet Pro MFP 3103fdn * HP LaserJet Pro MFP 3103fdw * HP LaserJet Pro MFP 3104fdn * HP LaserJet Pro MFP 3104fdw * HP LaserJet Pro MFP 4101dw * HP LaserJet Pro MFP 4101dwe * HP LaserJet Pro MFP 4101fdn * HP LaserJet Pro MFP 4101fdne * HP LaserJet Pro MFP 4101fdw * HP LaserJet Pro MFP 4101fdwe * HP LaserJet Pro MFP 4102dw * HP LaserJet Pro MFP 4102dwe * HP LaserJet Pro MFP 4102fdn * HP LaserJet Pro MFP 4102fdne * HP LaserJet Pro MFP 4102fdw * HP LaserJet Pro MFP 4102fdwe * HP LaserJet Pro MFP 4102fnw * HP LaserJet Pro MFP 4102fnwe * HP LaserJet Pro MFP 4103dn * HP LaserJet Pro MFP 4103dw * HP LaserJet Pro MFP 4103fdn * HP LaserJet Pro MFP 4103fdw * HP LaserJet Pro MFP 4104dw * HP LaserJet Pro MFP 4104fdn * HP LaserJet Pro MFP 4104fdw * HP LaserJet Pro MFP M148dw * HP LaserJet Pro MFP M148dw * HP LaserJet Pro MFP M148fdw * HP LaserJet Pro MFP M148fdw * HP LaserJet Pro MFP M149dw * HP LaserJet Pro MFP M149dw * HP LaserJet Pro MFP M149fdw * HP LaserJet Pro MFP M149fdw * HP LaserJet Pro MFP M329dn * HP LaserJet Pro MFP M329dw * HP LaserJet Pro MFP M428c1 * HP LaserJet Pro MFP M428c2 * HP LaserJet Pro MFP M428c3 * HP LaserJet Pro MFP M428c4 * HP LaserJet Pro MFP M428dw * HP LaserJet Pro MFP M428fdn * HP LaserJet Pro MFP M428fdw * HP LaserJet Pro MFP M428m * HP LaserJet Pro MFP M429dw * HP LaserJet Pro MFP M429fdn * HP LaserJet Pro MFP M429fdw * HP LaserJet Pro P1106 plus * HP LaserJet Pro P1108 plus * HP LaserJet Tank 1020 * HP LaserJet Tank 1020nw * HP LaserJet Tank 1020w * HP LaserJet Tank 1502a * HP LaserJet Tank 1502w * HP LaserJet Tank 1504w * HP LaserJet Tank 2502dn * HP LaserJet Tank 2502dw * HP LaserJet Tank 2503dw * HP LaserJet Tank 2504dw * HP LaserJet Tank 2506d * HP LaserJet Tank 2506dn * HP LaserJet Tank 2506dw * HP LaserJet Tank MFP 1005 * HP LaserJet Tank MFP 1005nw * HP LaserJet Tank MFP 1005w * HP LaserJet Tank MFP 1602a * HP LaserJet Tank MFP 1602w * HP LaserJet Tank MFP 
1604w * HP LaserJet Tank MFP 2602dn * HP LaserJet Tank MFP 2602dw * HP LaserJet Tank MFP 2602sdn * HP LaserJet Tank MFP 2602sdw * HP LaserJet Tank MFP 2603dw * HP LaserJet Tank MFP 2603sdw * HP LaserJet Tank MFP 2604dw * HP LaserJet Tank MFP 2604sdw * HP LaserJet Tank MFP 2605sdw * HP LaserJet Tank MFP 2606dc * HP LaserJet Tank MFP 2606dn * HP LaserJet Tank MFP 2606dw * HP LaserJet Tank MFP 2606sdn * HP LaserJet Tank MFP 2606sdw * HP Neverstop Laser 1000a * HP Neverstop Laser 1000n * HP Neverstop Laser 1000w * HP Neverstop Laser 1001nw * HP Neverstop Laser MFP 1200a * HP Neverstop Laser MFP 1200n * HP Neverstop Laser MFP 1200nw * HP Neverstop Laser MFP 1200w * HP Neverstop Laser MFP 1201n * HP Neverstop Laser MFP 1202nw * HP OfficeJet 8010 All-in-One Printer series * HP OfficeJet 8020 All-in-One Printer Series * HP OfficeJet 8120 All-in-One series * HP OfficeJet 8130 All-in-One series * HP OfficeJet All-in-One 9010 * HP OfficeJet Pro 8020 All-in-One Printer series * HP OfficeJet Pro 8030 All-in-One Printer series * HP OfficeJet Pro 8120 All-in-One series * HP OfficeJet Pro 8130 All-in-One series * HP OfficeJet Pro 9110b series * HP OfficeJet Pro 9120b series * HP OfficeJet Pro 9130b series * HP OfficeJet Pro 9720 Series * HP OfficeJet Pro 9730 Series * HP OfficeJet Pro All-in-One 9010 * HP OfficeJet Pro All-in-One 9020 * HP PageWide 755dn * HP PageWide 755dn * HP PageWide MFP 774dn * HP PageWide MFP 774dn * HP PageWide MFP 774dns * HP PageWide MFP 774dns * HP PageWide MFP 779dn * HP PageWide MFP 779dn * HP PageWide MFP 779dns * HP PageWide MFP 779dns * HP PageWide XL 3900PS MFP * HP PageWide XL 3920 MFP * HP PageWide XL 3920 MFP * HP PageWide XL 4100 MFP * HP PageWide XL 4100 Printer * HP PageWide XL 4200 Multifunction Printer * HP PageWide XL 4200 Multifunction Printer * HP PageWide XL 4200 Printer * HP PageWide XL 4200 Printer * HP PageWide XL 4600 Printer * HP PageWide XL 4600PS MFP * HP PageWide XL 4700 Multifunction Printer * HP PageWide XL 
4700 Multifunction Printer * HP PageWide XL 4700 Printer * HP PageWide XL 4700 Printer * HP PageWide XL 5200 Multifunction Printer * HP PageWide XL 5200 Multifunction Printer * HP PageWide XL 5200 Printer * HP PageWide XL 5200 Printer * HP PageWide XL 8200 Printer * HP PageWide XL 8200 Printer * HP PageWide XL Pro 5200 PS MFP series * HP PageWide XL Pro 8200 PS MFP series * HP Scanjet Enterprise 7500 Flatbed Scanner * HP Scanjet Enterprise 7500 Flatbed Scanner * HP ScanJet Enterprise Flow 5000 s5 * HP ScanJet Enterprise Flow N6600 fnw1 * HP ScanJet Enterprise Flow N7000 snw1 * HP Scanjet Pro 2000 S1 * HP ScanJet Pro 2000 s2 * HP Scanjet Pro 2500 f1 * HP ScanJet Pro 2600 f1 * HP ScanJet Pro 3000 s4 * HP ScanJet Pro 3600 f1 * HP ScanJet Pro N4000 snw1 * HP ScanJet Pro N4600 fnw1 * HP Smart Tank 210-220 series * HP Smart Tank 350 * HP Smart Tank 500 series * HP Smart Tank 500 series * HP Smart Tank 510 * HP Smart Tank 5100 series * HP Smart Tank 520_540 series * HP Smart Tank 530 series * HP Smart Tank 530 series * HP Smart Tank 580-590 series * HP Smart Tank 610 * HP Smart Tank 750 * HP Smart Tank 7600 * HP Smart Tank 790 * HP Smart Tank Plus 550 * HP Smart Tank Plus 570 series * HP Smart Tank Plus 570 series * HP Smart Tank Plus 6000 * HP Smart Tank Plus 650 * HP Smart Tank Plus 660-670 * HP Smart Tank Plus 7000 * HP Smart Tank Plus 710-720 * HP Smart Tank Wireless 450 * HP Tango * HP Tango X * ScanJet 5000 * ScanJet 7500 * Scanjet Ent flow 7000s3 * Scanjet Ent. Flow N9120 fn2 * Scanjet Pro 3000s3 * Scanjet Pro 3500f1 * Scanjet Pro 4500fn1 * Bug fixes: * hpmud: sanitize printer serial number (bsc#1209401, lp#2012262) * hppsfilter: booklet printing: change insecure fixed /tmp file paths (bsc#1214399) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-290=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-290=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * hplip-3.24.4-3.5.1 * hplip-debugsource-3.24.4-3.5.1 * hplip-hpijs-debuginfo-3.24.4-3.5.1 * hplip-udev-rules-3.24.4-3.5.1 * hplip-hpijs-3.24.4-3.5.1 * hplip-sane-3.24.4-3.5.1 * hplip-debuginfo-3.24.4-3.5.1 * hplip-devel-3.24.4-3.5.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * hplip-sane-debuginfo-3.24.4-3.5.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * hplip-3.24.4-3.5.1 * hplip-sane-debuginfo-3.24.4-3.5.1 * hplip-debugsource-3.24.4-3.5.1 * hplip-hpijs-debuginfo-3.24.4-3.5.1 * hplip-udev-rules-3.24.4-3.5.1 * hplip-hpijs-3.24.4-3.5.1 * hplip-sane-3.24.4-3.5.1 * hplip-debuginfo-3.24.4-3.5.1 * hplip-devel-3.24.4-3.5.1 ## References: * https://www.suse.com/security/cve/CVE-2020-6923.html * https://bugzilla.suse.com/show_bug.cgi?id=1209401 * https://bugzilla.suse.com/show_bug.cgi?id=1214399 * https://bugzilla.suse.com/show_bug.cgi?id=1225777 * https://bugzilla.suse.com/show_bug.cgi?id=1234745 * https://jira.suse.com/browse/PED-11978 * https://jira.suse.com/browse/PED-5846
From null at suse.de Wed Jan 29 20:35:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 Jan 2025 20:35:13 -0000 Subject: SUSE-SU-2025:0289-1: important: Security update for the Linux Kernel Message-ID: <173818291333.22572.6250808912498816026@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0289-1 Release Date: 2025-01-29T16:11:30Z Rating: important References: * bsc#1012628 * bsc#1194869 * bsc#1214954 * bsc#1215199 * bsc#1216813 * bsc#1218470 * bsc#1220355 * bsc#1220711 * bsc#1220773 * bsc#1221326 * bsc#1224095 * bsc#1224726 * bsc#1225743 * bsc#1225758 * bsc#1225820 * bsc#1225897 * bsc#1227445 * bsc#1228526 * bsc#1228592 * bsc#1229809 * bsc#1229833 * bsc#1230205 * bsc#1230413 * bsc#1230557 * bsc#1230697 * bsc#1230807 * bsc#1230827 * bsc#1231016 * bsc#1231854 * bsc#1231909 * bsc#1231963 * bsc#1232087 * bsc#1232157 * bsc#1232158 * bsc#1232166 * bsc#1232193 * bsc#1232198 * bsc#1232201 * bsc#1232418 * bsc#1232419 * bsc#1232420 * bsc#1232421 * bsc#1232436 * bsc#1232882 * bsc#1233038 * bsc#1233055 * bsc#1233070 * bsc#1233096 * bsc#1233112 * bsc#1233200 * bsc#1233201 * bsc#1233204 * bsc#1233239 * bsc#1233259 * bsc#1233260 * bsc#1233324 * bsc#1233328 * bsc#1233461 * bsc#1233467 * bsc#1233468 * bsc#1233469 * bsc#1233485 * bsc#1233488 * bsc#1233523 * bsc#1233546 * bsc#1233547 * bsc#1233550 * bsc#1233558 * bsc#1233568 * bsc#1233637 * bsc#1233638 * bsc#1233642 * bsc#1233772 * bsc#1233837 * bsc#1234024 * bsc#1234069 * bsc#1234071 * bsc#1234073 * bsc#1234075 * bsc#1234076 * bsc#1234077 * bsc#1234078 * bsc#1234079 * bsc#1234085 * bsc#1234086 * bsc#1234139 * bsc#1234140 * bsc#1234141 * bsc#1234142 * bsc#1234143 * bsc#1234144 * bsc#1234145 * bsc#1234146 * bsc#1234147 * bsc#1234148 * bsc#1234149 * bsc#1234150 * bsc#1234153 * bsc#1234155 * bsc#1234156 * bsc#1234158 * bsc#1234159 * bsc#1234160 * bsc#1234161 * bsc#1234162 * bsc#1234163 * bsc#1234164 * bsc#1234165 * bsc#1234166 * bsc#1234167 * bsc#1234168 * bsc#1234169 *
bsc#1234170 * bsc#1234171 * bsc#1234172 * bsc#1234173 * bsc#1234174 * bsc#1234175 * bsc#1234176 * bsc#1234177 * bsc#1234178 * bsc#1234179 * bsc#1234180 * bsc#1234181 * bsc#1234182 * bsc#1234183 * bsc#1234184 * bsc#1234185 * bsc#1234186 * bsc#1234187 * bsc#1234188 * bsc#1234189 * bsc#1234190 * bsc#1234191 * bsc#1234192 * bsc#1234193 * bsc#1234194 * bsc#1234195 * bsc#1234196 * bsc#1234197 * bsc#1234198 * bsc#1234199 * bsc#1234200 * bsc#1234201 * bsc#1234203 * bsc#1234204 * bsc#1234205 * bsc#1234207 * bsc#1234208 * bsc#1234209 * bsc#1234219 * bsc#1234220 * bsc#1234221 * bsc#1234223 * bsc#1234237 * bsc#1234238 * bsc#1234239 * bsc#1234240 * bsc#1234241 * bsc#1234242 * bsc#1234243 * bsc#1234278 * bsc#1234279 * bsc#1234280 * bsc#1234281 * bsc#1234282 * bsc#1234294 * bsc#1234338 * bsc#1234357 * bsc#1234381 * bsc#1234454 * bsc#1234464 * bsc#1234605 * bsc#1234619 * bsc#1234635 * bsc#1234651 * bsc#1234652 * bsc#1234654 * bsc#1234655 * bsc#1234657 * bsc#1234658 * bsc#1234659 * bsc#1234668 * bsc#1234690 * bsc#1234725 * bsc#1234726 * bsc#1234810 * bsc#1234811 * bsc#1234825 * bsc#1234826 * bsc#1234827 * bsc#1234829 * bsc#1234832 * bsc#1234834 * bsc#1234843 * bsc#1234846 * bsc#1234848 * bsc#1234853 * bsc#1234855 * bsc#1234856 * bsc#1234863 * bsc#1234884 * bsc#1234887 * bsc#1234888 * bsc#1234889 * bsc#1234891 * bsc#1234893 * bsc#1234898 * bsc#1234899 * bsc#1234900 * bsc#1234901 * bsc#1234905 * bsc#1234906 * bsc#1234907 * bsc#1234909 * bsc#1234911 * bsc#1234912 * bsc#1234916 * bsc#1234918 * bsc#1234920 * bsc#1234921 * bsc#1234922 * bsc#1234923 * bsc#1234929 * bsc#1234930 * bsc#1234931 * bsc#1234934 * bsc#1234937 * bsc#1234948 * bsc#1234950 * bsc#1234952 * bsc#1234957 * bsc#1234960 * bsc#1234962 * bsc#1234963 * bsc#1234968 * bsc#1234969 * bsc#1234970 * bsc#1234971 * bsc#1234973 * bsc#1234974 * bsc#1234989 * bsc#1234999 * bsc#1235000 * bsc#1235002 * bsc#1235003 * bsc#1235004 * bsc#1235007 * bsc#1235009 * bsc#1235011 * bsc#1235016 * bsc#1235019 * bsc#1235031 * bsc#1235032 * bsc#1235033 
* bsc#1235035 * bsc#1235037 * bsc#1235038 * bsc#1235039 * bsc#1235040 * bsc#1235042 * bsc#1235043 * bsc#1235045 * bsc#1235046 * bsc#1235050 * bsc#1235051 * bsc#1235053 * bsc#1235054 * bsc#1235056 * bsc#1235057 * bsc#1235059 * bsc#1235061 * bsc#1235065 * bsc#1235070 * bsc#1235073 * bsc#1235075 * bsc#1235100 * bsc#1235108 * bsc#1235112 * bsc#1235115 * bsc#1235117 * bsc#1235122 * bsc#1235123 * bsc#1235125 * bsc#1235128 * bsc#1235132 * bsc#1235133 * bsc#1235134 * bsc#1235138 * bsc#1235155 * bsc#1235160 * bsc#1235219 * bsc#1235220 * bsc#1235222 * bsc#1235223 * bsc#1235224 * bsc#1235227 * bsc#1235241 * bsc#1235246 * bsc#1235249 * bsc#1235251 * bsc#1235252 * bsc#1235389 * bsc#1235391 * bsc#1235406 * bsc#1235409 * bsc#1235410 * bsc#1235412 * bsc#1235413 * bsc#1235415 * bsc#1235416 * bsc#1235417 * bsc#1235423 * bsc#1235424 * bsc#1235425 * bsc#1235426 * bsc#1235427 * bsc#1235428 * bsc#1235429 * bsc#1235433 * bsc#1235437 * bsc#1235439 * bsc#1235444 * bsc#1235445 * bsc#1235449 * bsc#1235451 * bsc#1235454 * bsc#1235458 * bsc#1235459 * bsc#1235464 * bsc#1235466 * bsc#1235473 * bsc#1235479 * bsc#1235480 * bsc#1235483 * bsc#1235486 * bsc#1235488 * bsc#1235491 * bsc#1235494 * bsc#1235495 * bsc#1235496 * bsc#1235497 * bsc#1235500 * bsc#1235502 * bsc#1235503 * bsc#1235507 * bsc#1235519 * bsc#1235520 * bsc#1235521 * bsc#1235523 * bsc#1235526 * bsc#1235528 * bsc#1235532 * bsc#1235533 * bsc#1235534 * bsc#1235537 * bsc#1235538 * bsc#1235550 * bsc#1235552 * bsc#1235555 * bsc#1235557 * bsc#1235563 * bsc#1235564 * bsc#1235565 * bsc#1235568 * bsc#1235570 * bsc#1235571 * bsc#1235577 * bsc#1235584 * bsc#1235587 * bsc#1235611 * bsc#1235616 * bsc#1235622 * bsc#1235627 * bsc#1235632 * bsc#1235635 * bsc#1235641 * bsc#1235643 * bsc#1235645 * bsc#1235646 * bsc#1235647 * bsc#1235650 * bsc#1235653 * bsc#1235657 * bsc#1235663 * bsc#1235700 * bsc#1235705 * bsc#1235707 * bsc#1235708 * bsc#1235710 * bsc#1235714 * bsc#1235716 * bsc#1235720 * bsc#1235723 * bsc#1235727 * bsc#1235730 * bsc#1235737 * 
bsc#1235739 * bsc#1235745 * bsc#1235747 * bsc#1235750 * bsc#1235753 * bsc#1235759 * bsc#1235764 * bsc#1235768 * bsc#1235776 * bsc#1235777 * bsc#1235778 * bsc#1235779 * bsc#1235793 * bsc#1235798 * bsc#1235806 * bsc#1235808 * bsc#1235812 * bsc#1235814 * bsc#1235818 * bsc#1235842 * bsc#1235894 * bsc#1235902 * bsc#1235903 * bsc#1235906 * bsc#1235918 * bsc#1235919 * bsc#1235920 * bsc#1235924 * bsc#1235940 * bsc#1235946 * bsc#1235952 * bsc#1235964 * bsc#1235965 * bsc#1235967 * bsc#1235969 * bsc#1235976 * bsc#1235977 * bsc#1236078 * bsc#1236080 * bsc#1236082 * bsc#1236088 * bsc#1236090 * bsc#1236091 * bsc#1236096 * bsc#1236097 * bsc#1236098 * bsc#1236101 * bsc#1236102 * bsc#1236104 * bsc#1236106 * bsc#1236120 * bsc#1236125 * bsc#1236131 * bsc#1236138 * bsc#1236143 * bsc#1236144 * bsc#1236145 * bsc#1236168 * bsc#1236178 * bsc#1236180 * bsc#1236181 * bsc#1236190 * bsc#1236198 * bsc#1236227 * bsc#1236248 * jsc#PED-10467 * jsc#PED-7242 Cross-References: * CVE-2023-52489 * CVE-2023-52923 * CVE-2024-26596 * CVE-2024-26924 * CVE-2024-27397 * CVE-2024-35839 * CVE-2024-36476 * CVE-2024-36908 * CVE-2024-36915 * CVE-2024-39282 * CVE-2024-39480 * CVE-2024-41042 * CVE-2024-43913 * CVE-2024-44934 * CVE-2024-44996 * CVE-2024-45828 * CVE-2024-46680 * CVE-2024-46765 * CVE-2024-46800 * CVE-2024-46896 * CVE-2024-47141 * CVE-2024-47143 * CVE-2024-47678 * CVE-2024-47809 * CVE-2024-48873 * CVE-2024-48881 * CVE-2024-49569 * CVE-2024-49854 * CVE-2024-49884 * CVE-2024-49915 * CVE-2024-49944 * CVE-2024-49951 * CVE-2024-49952 * CVE-2024-49998 * CVE-2024-50016 * CVE-2024-50018 * CVE-2024-50039 * CVE-2024-50047 * CVE-2024-50051 * CVE-2024-50106 * CVE-2024-50143 * CVE-2024-50151 * CVE-2024-50154 * CVE-2024-50199 * CVE-2024-50202 * CVE-2024-50203 * CVE-2024-50211 * CVE-2024-50228 * CVE-2024-50252 * CVE-2024-50256 * CVE-2024-50262 * CVE-2024-50272 * CVE-2024-50278 * CVE-2024-50279 * CVE-2024-50280 * CVE-2024-50296 * CVE-2024-50299 * CVE-2024-52332 * CVE-2024-53043 * CVE-2024-53050 * CVE-2024-53051 * 
CVE-2024-53055 * CVE-2024-53056 * CVE-2024-53064 * CVE-2024-53090 * CVE-2024-53091 * CVE-2024-53095 * CVE-2024-53099 * CVE-2024-53103 * CVE-2024-53105 * CVE-2024-53110 * CVE-2024-53111 * CVE-2024-53113 * CVE-2024-53117 * CVE-2024-53118 * CVE-2024-53119 * CVE-2024-53120 * CVE-2024-53121 * CVE-2024-53122 * CVE-2024-53125 * CVE-2024-53126 * CVE-2024-53127 * CVE-2024-53129 * CVE-2024-53130 * CVE-2024-53131 * CVE-2024-53133 * CVE-2024-53134 * CVE-2024-53136 * CVE-2024-53138 * CVE-2024-53141 * CVE-2024-53142 * CVE-2024-53144 * CVE-2024-53146 * CVE-2024-53148 * CVE-2024-53150 * CVE-2024-53151 * CVE-2024-53154 * CVE-2024-53155 * CVE-2024-53156 * CVE-2024-53157 * CVE-2024-53158 * CVE-2024-53159 * CVE-2024-53160 * CVE-2024-53161 * CVE-2024-53162 * CVE-2024-53164 * CVE-2024-53166 * CVE-2024-53168 * CVE-2024-53169 * CVE-2024-53170 * CVE-2024-53171 * CVE-2024-53172 * CVE-2024-53173 * CVE-2024-53174 * CVE-2024-53175 * CVE-2024-53179 * CVE-2024-53180 * CVE-2024-53185 * CVE-2024-53188 * CVE-2024-53190 * CVE-2024-53191 * CVE-2024-53194 * CVE-2024-53195 * CVE-2024-53196 * CVE-2024-53197 * CVE-2024-53198 * CVE-2024-53200 * CVE-2024-53201 * CVE-2024-53202 * CVE-2024-53206 * CVE-2024-53207 * CVE-2024-53208 * CVE-2024-53209 * CVE-2024-53210 * CVE-2024-53213 * CVE-2024-53214 * CVE-2024-53215 * CVE-2024-53216 * CVE-2024-53217 * CVE-2024-53222 * CVE-2024-53224 * CVE-2024-53227 * CVE-2024-53229 * CVE-2024-53230 * CVE-2024-53231 * CVE-2024-53232 * CVE-2024-53233 * CVE-2024-53234 * CVE-2024-53236 * CVE-2024-53237 * CVE-2024-53239 * CVE-2024-53240 * CVE-2024-53241 * CVE-2024-53685 * CVE-2024-53690 * CVE-2024-54680 * CVE-2024-55639 * CVE-2024-55881 * CVE-2024-55916 * CVE-2024-56369 * CVE-2024-56372 * CVE-2024-56531 * CVE-2024-56532 * CVE-2024-56533 * CVE-2024-56536 * CVE-2024-56538 * CVE-2024-56539 * CVE-2024-56543 * CVE-2024-56546 * CVE-2024-56548 * CVE-2024-56549 * CVE-2024-56551 * CVE-2024-56557 * CVE-2024-56558 * CVE-2024-56562 * CVE-2024-56566 * CVE-2024-56567 * CVE-2024-56568 * 
CVE-2024-56569 * CVE-2024-56570 * CVE-2024-56571 * CVE-2024-56572 * CVE-2024-56573 * CVE-2024-56574 * CVE-2024-56575 * CVE-2024-56576 * CVE-2024-56577 * CVE-2024-56578 * CVE-2024-56582 * CVE-2024-56584 * CVE-2024-56587 * CVE-2024-56588 * CVE-2024-56589 * CVE-2024-56590 * CVE-2024-56593 * CVE-2024-56594 * CVE-2024-56595 * CVE-2024-56596 * CVE-2024-56597 * CVE-2024-56598 * CVE-2024-56599 * CVE-2024-5660 * CVE-2024-56602 * CVE-2024-56603 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56606 * CVE-2024-56607 * CVE-2024-56609 * CVE-2024-56611 * CVE-2024-56614 * CVE-2024-56615 * CVE-2024-56616 * CVE-2024-56617 * CVE-2024-56619 * CVE-2024-56620 * CVE-2024-56622 * CVE-2024-56623 * CVE-2024-56625 * CVE-2024-56629 * CVE-2024-56630 * CVE-2024-56631 * CVE-2024-56632 * CVE-2024-56634 * CVE-2024-56635 * CVE-2024-56636 * CVE-2024-56637 * CVE-2024-56641 * CVE-2024-56642 * CVE-2024-56643 * CVE-2024-56644 * CVE-2024-56645 * CVE-2024-56648 * CVE-2024-56649 * CVE-2024-56651 * CVE-2024-56654 * CVE-2024-56656 * CVE-2024-56659 * CVE-2024-56660 * CVE-2024-56661 * CVE-2024-56662 * CVE-2024-56663 * CVE-2024-56664 * CVE-2024-56667 * CVE-2024-56670 * CVE-2024-56672 * CVE-2024-56675 * CVE-2024-56677 * CVE-2024-56678 * CVE-2024-56681 * CVE-2024-56683 * CVE-2024-56687 * CVE-2024-56688 * CVE-2024-56690 * CVE-2024-56691 * CVE-2024-56694 * CVE-2024-56698 * CVE-2024-56700 * CVE-2024-56701 * CVE-2024-56704 * CVE-2024-56705 * CVE-2024-56708 * CVE-2024-56709 * CVE-2024-56712 * CVE-2024-56716 * CVE-2024-56722 * CVE-2024-56723 * CVE-2024-56724 * CVE-2024-56729 * CVE-2024-56739 * CVE-2024-56741 * CVE-2024-56745 * CVE-2024-56746 * CVE-2024-56747 * CVE-2024-56748 * CVE-2024-56752 * CVE-2024-56754 * CVE-2024-56755 * CVE-2024-56756 * CVE-2024-56759 * CVE-2024-56760 * CVE-2024-56765 * CVE-2024-56766 * CVE-2024-56767 * CVE-2024-56769 * CVE-2024-56774 * CVE-2024-56775 * CVE-2024-56776 * CVE-2024-56777 * CVE-2024-56778 * CVE-2024-56779 * CVE-2024-56780 * CVE-2024-56787 * CVE-2024-57791 * CVE-2024-57792 * 
CVE-2024-57793 * CVE-2024-57795 * CVE-2024-57798 * CVE-2024-57801 * CVE-2024-57804 * CVE-2024-57809 * CVE-2024-57838 * CVE-2024-57849 * CVE-2024-57850 * CVE-2024-57857 * CVE-2024-57874 * CVE-2024-57876 * CVE-2024-57887 * CVE-2024-57888 * CVE-2024-57890 * CVE-2024-57892 * CVE-2024-57893 * CVE-2024-57896 * CVE-2024-57897 * CVE-2024-57899 * CVE-2024-57903 * CVE-2024-57904 * CVE-2024-57906 * CVE-2024-57907 * CVE-2024-57908 * CVE-2024-57910 * CVE-2024-57911 * CVE-2024-57912 * CVE-2024-57913 * CVE-2024-57915 * CVE-2024-57916 * CVE-2024-57922 * CVE-2024-57926 * CVE-2024-57929 * CVE-2024-57932 * CVE-2024-57933 * CVE-2024-57935 * CVE-2024-57936 * CVE-2024-57940 * CVE-2024-8805 * CVE-2025-21632 * CVE-2025-21645 * CVE-2025-21646 * CVE-2025-21649 * CVE-2025-21650 * CVE-2025-21651 * CVE-2025-21656 * CVE-2025-21662 CVSS scores: * CVE-2023-52489 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52923 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52923 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26596 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2024-26596 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26924 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27397 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36476 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-36476 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36476 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36908 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-36915 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H 
* CVE-2024-39282 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-39282 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39480 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L * CVE-2024-39480 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43913 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-43913 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-43913 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44996 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44996 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45828 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45828 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46680 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L * CVE-2024-46680 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46680 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46765 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46765 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46765 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46800 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46800 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46800 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46896 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46896 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47141 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47141 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47143 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47143 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47678 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47678 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47809 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-48873 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-48873 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-48881 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-48881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49569 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49854 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49854 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49854 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49915 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49915 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49944 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49944 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49951 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49952 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49952 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49998 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49998 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50018 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50039 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50039 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50047 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50051 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50051 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50106 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50106 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50143 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50143 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50143 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50151 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-50151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * 
CVE-2024-50151 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50199 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50203 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50203 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50203 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50211 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50211 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50228 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-50228 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-50228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50252 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50252 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50252 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50256 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50256 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50262 ( SUSE ): 6.9 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50262 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50272 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50278 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2024-50278 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50279 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50279 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50296 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50296 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50299 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50299 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-52332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-52332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53043 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53043 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53050 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53051 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53055 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53056 ( SUSE ): 
5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53056 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53091 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53091 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53095 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53099 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53099 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-53099 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53103 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53105 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53110 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53110 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53111 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53111 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53111 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53113 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53117 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-53118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53118 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53119 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53121 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53121 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53122 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53125 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53127 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53129 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53129 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53131 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53133 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53133 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53134 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53134 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53136 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53138 ( SUSE ): 6.1 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-53138 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53141 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53141 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53141 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53142 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53148 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53148 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53150 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53150 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53151 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53154 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53154 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53154 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53155 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53155 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53155 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * 
CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53157 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53157 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-53159 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53159 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-53160 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53160 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53161 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53164 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53164 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53168 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53168 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53169 ( SUSE ): 5.7 
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53169 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53170 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53170 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53170 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53171 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53171 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53171 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53172 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53172 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53174 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53174 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53175 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-53175 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-53179 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53179 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53180 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53180 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53185 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53185 ( 
SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53188 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53190 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-53190 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2024-53191 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53191 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53194 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53194 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53195 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-53195 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-53196 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53196 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-53197 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53197 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53198 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53198 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-53200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53200 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53200 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53201 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-53201 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53202 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53202 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-53202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53206 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53206 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53207 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53207 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53208 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53208 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53208 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53209 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53209 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53210 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53213 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53213 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53213 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53215 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * 
CVE-2024-53215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53216 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53216 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53217 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53222 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53222 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53222 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53224 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53224 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53227 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53227 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53229 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53229 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53230 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53230 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53230 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53231 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53231 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53231 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53232 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53232 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53233 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53233 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53234 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53234 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53236 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53236 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53237 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53237 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53237 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53241 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53241 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53685 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53685 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53690 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54680 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-54680 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54680 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-55639 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-55639 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-55881 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-55881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 
* CVE-2024-55916 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-55916 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-55916 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56369 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56372 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56372 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56531 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56531 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56532 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56532 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56533 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56533 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56536 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56536 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56536 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56538 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56538 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56538 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56543 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56543 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56546 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56546 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56549 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56549 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56549 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56551 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56551 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56551 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56557 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56557 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56558 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56558 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56562 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56562 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56566 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56566 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2024-56567 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56567 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56567 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56568 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56568 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56569 ( 
SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56569 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56570 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56570 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56571 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56571 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56572 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56572 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56572 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56573 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56573 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56574 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56574 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56574 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56575 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56576 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56577 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56577 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56577 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56578 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56578 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56578 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-56582 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56582 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56582 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56584 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56584 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56587 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56588 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56588 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56588 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56589 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56590 ( SUSE ): 6.9 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56590 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56593 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56593 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56593 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56594 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56594 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56595 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56595 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56596 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56596 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56596 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56597 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56597 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-56598 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56598 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56599 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56599 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56599 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-5660 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56603 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56603 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56606 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56606 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56606 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56607 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56609 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56609 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56611 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56611 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56611 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56614 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56614 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56614 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56615 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56615 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56615 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56616 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56617 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56617 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56617 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56619 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56619 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56620 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56620 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56620 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56622 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56622 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56622 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56623 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56623 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56623 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56625 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56625 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56629 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56629 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56630 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56631 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56631 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56631 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56632 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56632 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56634 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56634 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56634 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56635 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56635 ( SUSE ): 6.4 
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56636 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-56636 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-56637 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56637 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56641 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56641 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56642 ( SUSE ): 7.5 CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56642 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56642 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56643 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56643 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56643 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56644 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56644 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56645 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56645 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56649 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56649 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56649 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56651 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56651 ( 
SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56651 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56654 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56654 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56654 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56656 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56656 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56656 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56659 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56659 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56660 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56660 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56660 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56661 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56661 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56661 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56662 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-56662 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L * CVE-2024-56662 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-56663 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56663 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-56663 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56667 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56667 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56670 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56670 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56670 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56672 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56672 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56672 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56675 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56675 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56677 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56677 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56678 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56678 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56681 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-56681 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-56683 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56683 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56687 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56687 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56688 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56688 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56690 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56690 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56691 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56691 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56694 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56694 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56694 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56698 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56698 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56700 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56700 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56701 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56701 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56704 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56704 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56705 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56705 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56708 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56708 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56708 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56709 ( 
SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56709 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56712 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56712 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56712 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56716 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56716 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56716 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56722 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56722 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56723 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56723 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56723 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56724 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56724 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56729 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56729 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56729 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56739 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56741 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56741 ( SUSE ): 3.3 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56741 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56745 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56745 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56745 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56746 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56746 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56746 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56747 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56747 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56747 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56748 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56748 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56748 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56752 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56752 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56754 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56754 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-56754 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56755 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56755 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56755 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56756 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56756 ( SUSE ): 5.3 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-56756 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56759 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56759 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56760 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56760 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56765 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56765 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56765 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56766 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56766 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56767 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56767 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56769 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56769 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-56769 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56774 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56774 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56774 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56775 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56775 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56775 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56776 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56776 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56776 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56777 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56777 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56778 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56778 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56779 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56779 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56779 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56780 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56780 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56780 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56787 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57791 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57791 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57792 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57792 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57793 ( SUSE ): 6.2 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-57793 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H * CVE-2024-57795 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57795 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57798 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57801 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57801 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57801 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57804 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-57804 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-57809 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57838 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57838 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57849 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57849 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57850 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57850 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57857 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57857 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57874 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-57874 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-57876 ( SUSE ): 7.3 
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57876 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57887 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57887 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57887 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57888 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57888 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57890 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-57890 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-57890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57892 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57892 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57892 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57896 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57896 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57897 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57899 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-57899 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-57903 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57904 ( 
SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57906 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-57906 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-57907 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-57907 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-57908 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-57908 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-57908 ( SUSE ): 3.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-57910 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-57910 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-57911 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-57912 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-57912 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-57913 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-57913 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-57915 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57915 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57916 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57916 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57922 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57922 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57926 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57926 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57929 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57929 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57932 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57932 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57933 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57935 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57935 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57936 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57940 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57940 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57940 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21632 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21645 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21646 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21649 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21649 ( 
SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21650 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21650 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21651 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21651 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21656 ( SUSE ): 1.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-21656 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L
* CVE-2025-21662 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21662 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Confidential Computing Module 15-SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves 343 vulnerabilities, contains two features and has 119 security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage (bsc#1221326).
* CVE-2024-26596: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events (bsc#1220355).
* CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
* CVE-2024-27397: netfilter: nf_tables: use timestamp to check for set element timeout (bsc#1224095).
* CVE-2024-35839: kABI fix for netfilter: bridge: replace physindev with physinif in nf_bridge_info (bsc#1224726).
* CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
* CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
* CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809).
* CVE-2024-44996: vsock: fix recursive ->recvmsg calls (bsc#1230205).
* CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request (bsc#1235705).
* CVE-2024-46680: Bluetooth: btnxpuart: Fix random crash seen while removing driver (bsc#1230557).
* CVE-2024-46765: ice: protect XDP configuration with a mutex (bsc#1230807).
* CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
* CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854).
* CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again (bsc#1235727).
* CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166).
* CVE-2024-49951: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed (bsc#1232158).
* CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).
* CVE-2024-49998: net: dsa: improve shutdown sequence (bsc#1232087).
* CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419).
* CVE-2024-50039: kABI: Restore deleted EXPORT_SYMBOL(__qdisc_calculate_pkt_len) (bsc#1231909).
* CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038).
* CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request (bsc#1233055).
* CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
* CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324).
* CVE-2024-50252: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address (bsc#1233201).
* CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200).
* CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239).
* CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized delayed_work on cache_ctr error (bsc#1233467 bsc#1233469).
* CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).
* CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
* CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).
* CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb() (bsc#1233488).
* CVE-2024-53043: mctp i2c: handle NULL header address (bsc#1233523).
* CVE-2024-53050: drm/i915/hdcp: Add encoder check in hdcp2_get_capability (bsc#1233546).
* CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547).
* CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550).
* CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568).
* CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464).
* CVE-2024-53090: afs: Fix lock recursion (bsc#1233637).
* CVE-2024-53091: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx (bsc#1233638).
* CVE-2024-53099: bpf: Check validity of link->type in bpf_link_show_fdinfo() (bsc#1233772).
* CVE-2024-53105: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() (bsc#1234069).
* CVE-2024-53110: vp_vdpa: fix id_table array not null terminated error (bsc#1234085).
* CVE-2024-53111: mm/mremap: fix address wraparound in move_page_tables() (bsc#1234086).
* CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077).
* CVE-2024-53117: virtio/vsock: Improve MSG_ZEROCOPY error handling (bsc#1234079).
* CVE-2024-53118: vsock: Fix sk_error_queue memory leak (bsc#1234071).
* CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073).
* CVE-2024-53121: net/mlx5: fs, lock FTE when checking if active (bsc#1234078).
* CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076).
* CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
* CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219).
* CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220).
* CVE-2024-53133: drm/amd/display: Handle dml allocation failure to avoid crash (bsc#1234221)
* CVE-2024-53134: pmdomain: imx93-blk-ctrl: correct remove path (bsc#1234159).
* CVE-2024-53138: net/mlx5e: kTLS, Fix incorrect page refcounting (bsc#1234223).
* CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
* CVE-2024-53160: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu (bsc#1234810).
* CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856).
* CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
* CVE-2024-53170: block: fix uaf for flush rq while iterating tags (bsc#1234888).
* CVE-2024-53172: ubi: fastmap: Fix duplicate slab cache names while attaching (bsc#1234898).
* CVE-2024-53175: ipc: fix memleak if msg_init_ns failed in create_ipc_ns (bsc#1234893).
* CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
* CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey() (bsc#1234901).
* CVE-2024-53195: KVM: arm64: Get rid of userspace_irqchip_in_use (bsc#1234957).
* CVE-2024-53196: KVM: arm64: Do not retire aborted MMIO instruction (bsc#1234906).
* CVE-2024-53198: xen: Fix the issue of resource not being properly released in xenbus_dev_probe() (bsc#1234923).
* CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
* CVE-2024-53216: nfsd: fix UAF when access ex_uuid or ex_stats (bsc#1235003).
* CVE-2024-53222: zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974).
* CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit() (bsc#1235011).
* CVE-2024-53232: iommu/s390: Implement blocking domain (bsc#1235050).
* CVE-2024-53234: erofs: handle NONHEAD !delta[1] lclusters gracefully (bsc#1235045).
* CVE-2024-53236: xsk: Free skb when TX metadata options are invalid (bsc#1235000).
* CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
* CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282).
* CVE-2024-53685: ceph: give up on paths longer than PATH_MAX (bsc#1235720).
* CVE-2024-55639: net: renesas: rswitch: avoid use-after-put for a device tree node (bsc#1235737).
* CVE-2024-55881: KVM: x86: Play nice with protected guests in complete_hypercall_exit() (bsc#1235745).
* CVE-2024-56372: net: tun: fix tun_napi_alloc_frags() (bsc#1235753).
* CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912).
* CVE-2024-56566: mm/slub: Avoid list corruption when removing a slab from the full list (bsc#1235033).
* CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device bound (bsc#1235032).
* CVE-2024-56569: ftrace: Fix regression with module command in stack_trace_filter (bsc#1235031).
* CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035).
* CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235128).
* CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs initialization (bsc#1235123).
* CVE-2024-56589: scsi: hisi_sas: Add cond_resched() for no forced preemption model (bsc#1235241).
* CVE-2024-56599: wifi: ath10k: avoid NULL pointer error during sdio remove (bsc#1235138).
* CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (bsc#1235521).
* CVE-2024-56603: net: af_can: do not leave a dangling sk pointer in can_create() (bsc#1235415).
* CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
* CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).
* CVE-2024-56611: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM (bsc#1235391).
* CVE-2024-56614: xsk: fix OOB map writes when deleting elements (bsc#1235424).
* CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements (bsc#1235426).
* CVE-2024-56617: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (bsc#1235429).
* CVE-2024-56620: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled (bsc#1235227).
* CVE-2024-56622: scsi: ufs: core: sysfs: Prevent div by zero (bsc#1235251).
* CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480).
* CVE-2024-56635: net: avoid potential UAF in default_operstate() (bsc#1235519).
* CVE-2024-56636: geneve: do not assume mac header is set in geneve_xmit_skb() (bsc#1235520).
* CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a module (bsc#1235523).
* CVE-2024-56641: net/smc: initialize close_work early to avoid warning (bsc#1235526).
* CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv (bsc#1235132).
* CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235451).
* CVE-2024-56649: net: enetc: Do not configure preemptible TCs if SIs do not support (bsc#1235449).
* CVE-2024-56656: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (bsc#1235444).
* CVE-2024-56659: net: lapb: increase LAPB_HEADER_LEN (bsc#1235439).
* CVE-2024-56660: net/mlx5: DR, prevent potential error pointer dereference (bsc#1235437).
* CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249).
* CVE-2024-56675: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors (bsc#1235555).
* CVE-2024-56694: bpf: fix recursive lock when verdict program return SK_PASS (bsc#1235412).
* CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
* CVE-2024-56708: EDAC/igen6: Avoid segmentation fault on module unload (bsc#1235564).
* CVE-2024-56712: udmabuf: fix memory leak on last export_udmabuf() error path (bsc#1235565).
* CVE-2024-56716: netdevsim: prevent bad user input in nsim_dev_health_break_write() (bsc#1235587).
* CVE-2024-56729: smb: Initialize cfid->tcon before performing network ops (bsc#1235503).
* CVE-2024-56747: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (bsc#1234934).
* CVE-2024-56748: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() (bsc#1235627).
* CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920).
* CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645).
* CVE-2024-56774: btrfs: add a sanity check for btrfs root in btrfs_search_slot() (bsc#1235653).
* CVE-2024-56775: drm/amd/display: Fix handling of plane refcount (bsc#1235657).
* CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759).
* CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors (bsc#1235768).
* CVE-2024-57795: RDMA/rxe: Remove the direct link to net_device (bsc#1235906).
* CVE-2024-57801: net/mlx5e: Skip restore TC rules for vport rep without loaded flag (bsc#1235940).
* CVE-2024-57804: scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs (bsc#1235779).
* CVE-2024-57809: PCI: imx6: Fix suspend/resume support on i.MX6QDL (bsc#1235793).
* CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings (bsc#1235798).
* CVE-2024-57857: RDMA/siw: Remove direct link to net_device (bsc#1235946).
* CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (bsc#1235964).
* CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount (bsc#1235965).
* CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
* CVE-2024-57929: dm array: fix releasing a faulty array block twice in dm_array_cursor_end (bsc#1236096).
* CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues (bsc#1236190).
* CVE-2024-57933: gve: guard XSK operations on the existence of queues (bsc#1236178).
* CVE-2025-21632: x86/fpu: Ensure shadow stack is active before "getting" registers (bsc#1236106).
* CVE-2025-21649: net: hns3: fix kernel crash when 1588 is sent on HIP08 devices (bsc#1236143).
* CVE-2025-21650: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue (bsc#1236144).
* CVE-2025-21651: net: hns3: do not auto enable misc vector (bsc#1236145).
* CVE-2025-21662: net/mlx5: Fix variable not being completed when function returns (bsc#1236198).

The following non-security bugs were fixed:

* 9p: v9fs_fid_find: also lookup by inode if not found dentry (git-fixes).
* ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294)
* ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes).
* ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 (stable-fixes).
* ACPI: PCC: Add PCC shared memory region command and status bitfields (stable-fixes).
* ACPI: PRM: Add PRM handler direct call support (jsc#PED-10467).
* ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (stable-fixes).
* ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (stable-fixes).
* ACPI: resource: Fix memory resource type union access (git-fixes).
* ACPI: x86: Add skip i2c clients quirk for Acer Iconia One 8 A1-840 (stable-fixes).
* ACPI: x86: Clean up Asus entries in acpi_quirk_skip_dmi_ids[] (stable-fixes).
* ACPI: x86: Make UART skip quirks work on PCI UARTs without an UID (stable-fixes).
* ACPICA: events/evxfregn: do not release the ContextMutex that was never acquired (git-fixes).
* ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes).
* ALSA: hda/conexant: fix Z60MR100 startup pop issue (stable-fixes).
* ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
* ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio (stable-fixes).
* ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
* ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model (stable-fixes).
* ALSA: hda/realtek: Add support for Ayaneo System using CS35L41 HDA (stable-fixes).
* ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE) (stable-fixes).
* ALSA: hda/realtek: Add support for Samsung Galaxy Book3 360 (NP730QFG) (stable-fixes).
* ALSA: hda/realtek: Enable mute and micmute LED on HP ProBook 430 G8 (stable-fixes).
* ALSA: hda/realtek: Fix headset mic on Acer Nitro 5 (stable-fixes).
* ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
* ALSA: line6: Fix racy access to midibuf (stable-fixes).
* ALSA: seq: Check UMP support for midi_version change (git-fixes).
* ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes).
* ALSA: seq: ump: Fix seq port updates per FB info notify (git-fixes).
* ALSA: seq: ump: Use automatic cleanup of kfree() (stable-fixes).
* ALSA: seq: ump: Use guard() for locking (stable-fixes).
* ALSA: ump: Use guard() for locking (stable-fixes).
* ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5 (stable-fixes).
* ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes).
* ALSA: usb-audio: Notify xrun for low-latency mode (git-fixes).
* ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
* ALSA: usb-audio: US16x08: Initialize array before use (git-fixes).
* ALSA: usb-audio: add mixer mapping for Corsair HS80 (stable-fixes).
* ASoC: Intel: avs: da7219: Remove suspend_pre() and resume_post() (stable-fixes).
* ASoC: Intel: sof_sdw: add quirk for Dell SKU 0B8C (stable-fixes).
* ASoC: Intel: sof_sdw: fix jack detection on ADL-N variant RVP (stable-fixes).
* ASoC: SOF: Remove libraries from topology lookups (git-fixes).
* ASoC: SOF: ipc3-topology: fix resource leaks in sof_ipc3_widget_setup_comp_dai() (git-fixes).
* ASoC: amd: yc: Add a quirk for microfone on Lenovo ThinkPad P14s Gen 5 21MES00B00 (stable-fixes).
* ASoC: amd: yc: Add quirk for microphone on Lenovo Thinkpad T14s Gen 6 21M1CTO1WW (stable-fixes).
* ASoC: amd: yc: Fix the wrong return value (git-fixes).
* ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
* ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
* ASoC: amd: yc: fix internal mic on Redmi G 2022 (stable-fixes).
* ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
* ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
* ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
* ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
* ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
* ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
* ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
* ASoC: hdmi-codec: reorder channel allocation list (stable-fixes).
* ASoC: mediatek: disable buffer pre-allocation (stable-fixes).
* ASoC: mediatek: mt8188-mt6359: Remove hardcoded dmic codec (git-fixes).
* ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
* ASoC: nau8822: Lower debug print priority (stable-fixes).
* ASoC: rt722: add delay time to wait for the calibration procedure (stable-fixes).
* Bluetooth: Add support ITTIM PE50-M75C (stable-fixes).
* Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}() (stable-fixes).
* Bluetooth: ISO: Reassociate a socket with an active BIS (stable-fixes).
* Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (stable-fixes).
* Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes).
* Bluetooth: MGMT: Fix possible deadlocks (git-fixes).
* Bluetooth: SCO: Add support for 16 bits transparent voice setting (git-fixes).
* Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes).
* Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test (bsc#1230557) * Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device tables (stable-fixes). * Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925 (stable-fixes). * Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 (stable-fixes). * Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 (stable-fixes). * Bluetooth: btusb: add callback function in btusb suspend/resume (stable-fixes). * Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes). * Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (stable-fixes). * Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating (git-fixes). * Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). * Bluetooth: iso: Fix recursive locking warning (git-fixes). * Disable ceph (jsc#PED-7242) * Documentation/virt/kvm: Document on Trust Domain Extensions(TDX) (jsc#PED-6143). * Documentation: PM: Clarify pm_runtime_resume_and_get() return value (git-fixes). * Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes). * Drop uvcvideo fix due to regression (bsc#1235894) * HID: magicmouse: Apple Magic Trackpad 2 USB-C driver support (stable-fixes). * HID: wacom: fix when get product name maybe null pointer (git-fixes). * Input: bbnsm_pwrkey - fix missed key press after suspend (git-fixes). * KVM: Fix conflict of IOCTL definition of KVM_MEMORY_MAPPING (jsc#PED-6143). * KVM: SVM: Allow guest writes to set MSR_AMD64_DE_CFG bits (bsc#1234635). * KVM: TDX: Add KVM Exit for TDX TDG.VP.VMCALL (jsc#PED-6143). * KVM: TDX: Add TSX_CTRL msr into uret_msrs list (jsc#PED-6143). * KVM: TDX: Add a method to ignore dirty logging (jsc#PED-6143). * KVM: TDX: Add a method to ignore for TDX to ignore hypercall patch (jsc#PED-6143). * KVM: TDX: Add a place holder for handler of TDX hypercalls (TDG.VP.VMCALL) (jsc#PED-6143).
* KVM: TDX: Add a place holder to handle TDX VM exit (jsc#PED-6143). * KVM: TDX: Add accessors VMX VMCS helpers (jsc#PED-6143). * KVM: TDX: Add helper function to read TDX metadata in array (jsc#PED-6143). * KVM: TDX: Add helper functions to allocate/free TDX private host key id (jsc#PED-6143). * KVM: TDX: Add is_private check for mmu_alloc_root (jsc#PED-6143). * KVM: TDX: Add load_mmu_pgd method for TDX (jsc#PED-6143). * KVM: TDX: Add methods to ignore VMX preemption timer (jsc#PED-6143). * KVM: TDX: Add methods to ignore accesses to TSC (jsc#PED-6143). * KVM: TDX: Add methods to ignore guest instruction emulation (jsc#PED-6143). * KVM: TDX: Add methods to ignore virtual apic related operation (jsc#PED-6143). * KVM: TDX: Add support for find pending IRQ in a protected local APIC (jsc#PED-6143). * KVM: TDX: Complete interrupts after tdexit (jsc#PED-6143). * KVM: TDX: Create initial guest memory (jsc#PED-6143). * KVM: TDX: Do TDX specific vcpu initialization (jsc#PED-6143). * KVM: TDX: Do not use NO_RBP_MOD for backward compatibility (jsc#PED-6143). * KVM: TDX: Emulate Xen MTRR disablement (jsc#PED-6143). * KVM: TDX: Extend memory measurement with initial guest memory (jsc#PED-6143). * KVM: TDX: Finalize VM initialization (jsc#PED-6143). * KVM: TDX: Fix incompatibility with QEMU definition (jsc#PED-6143). * KVM: TDX: Fix is_private for page fault handler (jsc#PED-6143). * KVM: TDX: Get system-wide info about TDX module on initialization (jsc#PED-6143). * KVM: TDX: Handle EXIT_REASON_OTHER_SMI with MSMI (jsc#PED-6143). * KVM: TDX: Handle MSR IA32_FEAT_CTL MSR and IA32_MCG_EXT_CTL (jsc#PED-6143). * KVM: TDX: Handle MSR MTRRCap and MTRRDefType access (jsc#PED-6143). * KVM: TDX: Handle TDG.VP.VMCALL<GetTdVmCallInfo> hypercall (jsc#PED-6143). * KVM: TDX: Handle TDX PV CPUID hypercall (jsc#PED-6143). * KVM: TDX: Handle TDX PV HLT hypercall (jsc#PED-6143). * KVM: TDX: Handle TDX PV MMIO hypercall (jsc#PED-6143). * KVM: TDX: Handle TDX PV port io hypercall (jsc#PED-6143). 
* KVM: TDX: Handle TDX PV rdmsr/wrmsr hypercall (jsc#PED-6143). * KVM: TDX: Handle vmentry failure for INTEL TD guest (jsc#PED-6143). * KVM: TDX: Ignore setting up mce (jsc#PED-6143). * KVM: TDX: Implement TDX vcpu enter/exit path (jsc#PED-6143). * KVM: TDX: Implement callbacks for MSR operations for TDX (jsc#PED-6143). * KVM: TDX: Implement interrupt injection (jsc#PED-6143). * KVM: TDX: Implement methods to inject NMI (jsc#PED-6143). * KVM: TDX: Inhibit APICv for TDX guest (jsc#PED-6143). * KVM: TDX: MTRR: implement get_mt_mask() for TDX (jsc#PED-6143). * KVM: TDX: Make KVM_CAP_MAX_VCPUS backend specific (jsc#PED-6143). * KVM: TDX: Make pmu_intel.c ignore guest TD case (jsc#PED-6143). * KVM: TDX: Refuse to unplug the last cpu on the package (jsc#PED-6143). * KVM: TDX: Require TDP MMU and mmio caching for TDX (jsc#PED-6143). * KVM: TDX: Retry seamcall when TDX_OPERAND_BUSY with operand SEPT (jsc#PED-6143). * KVM: TDX: Return -EINTR for KVM_MEMORY_MAPPING when signal pending (jsc#PED-6143). * KVM: TDX: Silently discard SMI request (jsc#PED-6143). * KVM: TDX: Silently ignore INIT/SIPI (jsc#PED-6143). * KVM: TDX: TDP MMU TDX support (jsc#PED-6143). * KVM: TDX: create/destroy VM structure (jsc#PED-6143). * KVM: TDX: create/free TDX vcpu structure (jsc#PED-6143). * KVM: TDX: handle EXCEPTION_NMI and EXTERNAL_INTERRUPT (jsc#PED-6143). * KVM: TDX: handle EXIT_REASON_OTHER_SMI (jsc#PED-6143). * KVM: TDX: handle KVM hypercall with TDG.VP.VMCALL (jsc#PED-6143). * KVM: TDX: handle ept violation/misconfig exit (jsc#PED-6143). * KVM: TDX: handle vcpu migration over logical processor (jsc#PED-6143). * KVM: TDX: initialize VM with TDX specific parameters (jsc#PED-6143). * KVM: TDX: remove use of struct vcpu_vmx from posted_interrupt.c (jsc#PED-6143). * KVM: TDX: restore debug store when TD exit (jsc#PED-6143). * KVM: TDX: restore host xsave state when exit from the guest TD (jsc#PED-6143). * KVM: TDX: restore user ret MSRs (jsc#PED-6143). 
* KVM: TDX: vcpu_run: save/restore host state(host kernel gs) (jsc#PED-6143). * KVM: TDX: x86: Add ioctl to get TDX systemwide parameters (jsc#PED-6143). * KVM: VMX: Move NMI/exception handler to common helper (jsc#PED-6143). * KVM: VMX: Split out guts of EPT violation to common/exposed function (jsc#PED-6143). * KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235776). * KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235777). * KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235778). * KVM: x86/mmu: Add a new is_private member for union kvm_mmu_page_role (jsc#PED-6143). * KVM: x86/mmu: Add a private pointer to struct kvm_mmu_page (jsc#PED-6143). * KVM: x86/mmu: Add address conversion functions for TDX shared bit of GPA (jsc#PED-6143). * KVM: x86/mmu: Alloc TDP MMU roots while holding mmu_lock for read (jsc#PED-6143). * KVM: x86/mmu: Allow passing '-1' for "all" as_id for TDP MMU iterators (jsc#PED-6143). * KVM: x86/mmu: Check for usable TDP MMU root while holding mmu_lock for read (jsc#PED-6143). * KVM: x86/mmu: Disallow fast page fault on private GPA (jsc#PED-6143). * KVM: x86/mmu: Do not do TLB flush when zappings SPTEs in invalid roots (jsc#PED-6143). * KVM: x86/mmu: Do not enable page track for TD guest (jsc#PED-6143). * KVM: x86/mmu: Free TDP MMU roots while holding mmy_lock for read (jsc#PED-6143). * KVM: x86/mmu: Precisely invalidate MMU root_role during CPUID update (git-fixes). * KVM: x86/mmu: Skip invalid TDP MMU roots when write-protecting SPTEs (jsc#PED-6143). * KVM: x86/mmu: Skip invalid roots when zapping leaf SPTEs for GFN range (jsc#PED-6143). * KVM: x86/mmu: Zap invalidated TDP MMU roots at 4KiB granularity (jsc#PED-6143). * KVM: x86/tdp_mmu: Apply mmu notifier callback to only shared GPA (jsc#PED-6143). * KVM: x86/tdp_mmu: Do not zap private pages for unsupported cases (jsc#PED-6143).
* KVM: x86/tdp_mmu: Fix to return original flush on unsupported cases (jsc#PED-6143). * KVM: x86/tdp_mmu: Init role member of struct kvm_mmu_page at allocation (jsc#PED-6143). * KVM: x86/tdp_mmu: Support TDX private mapping for TDP MMU (jsc#PED-6143). * KVM: x86: Add a switch_db_regs flag to handle TDX's auto-switched behavior (jsc#PED-6143). * KVM: x86: Add hooks in kvm_arch_vcpu_memory_mapping() (jsc#PED-6143). * KVM: x86: Allow to update cached values in kvm_user_return_msrs w/o wrmsr (jsc#PED-6143). * KVM: x86: Assume timer IRQ was injected if APIC state is proteced (jsc#PED-6143). * KVM: x86: Split core of hypercall emulation to helper function (jsc#PED-6143). * KVM: x86: design documentation on TDX support of x86 KVM TDP MMU (jsc#PED-6143). * NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes). * NFSD: Async COPY result needs to return a write verifier (git-fixes). * NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir() (git-fixes). * NFSD: Fix nfsd4_shutdown_copy() (git-fixes). * NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes). * NFSD: Prevent a potential integer overflow (git-fixes). * NFSD: Remove a never-true comparison (git-fixes). * NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point (git-fixes). * NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes). * Octeontx2-pf: Free send queue buffers incase of leaf to inner (git-fixes). * PCI/AER: Disable AER service on suspend (stable-fixes). * PCI/MSI: Handle lack of irqdomain gracefully (git-fixes). * PCI: Add 'reset_subordinate' to reset hierarchy below bridge (stable-fixes). * PCI: Add ACS quirk for Broadcom BCM5760X NIC (stable-fixes). * PCI: Add ACS quirk for Wangxun FF5xxx NICs (stable-fixes). * PCI: Add T_PERST_CLK_US macro (git-fixes). * PCI: Detect and trust built-in Thunderbolt chips (stable-fixes). * PCI: Fix use-after-free of slot->bus on hot remove (stable-fixes).
* PCI: Use preserve_config in place of pci_flags (stable-fixes). * PCI: cadence: Extract link setup sequence from cdns_pcie_host_setup() (stable-fixes). * PCI: cadence: Set cdns_pcie_host_init() global (stable-fixes). * PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads (stable-fixes). * PCI: j721e: Add PCIe 4x lane selection support (stable-fixes). * PCI: j721e: Add per platform maximum lane settings (stable-fixes). * PCI: j721e: Add reset GPIO to struct j721e_pcie (stable-fixes). * PCI: j721e: Add suspend and resume support (git-fixes). * PCI: j721e: Use T_PERST_CLK_US macro (git-fixes). * PCI: qcom: Add support for IPQ9574 (stable-fixes). * PCI: vmd: Add DID 8086:B06F and 8086:B60B for Intel client SKUs (stable-fixes). * PCI: vmd: Set devices to D0 before enabling PM L1 Substates (stable-fixes). * RAS/AMD/ATL: Translate normalized to system physical addresses using PRM (jsc#PED-10467). * RDMA/bnxt_re: Add check for path mtu in modify_qp (git-fixes) * RDMA/bnxt_re: Add send queue size check for variable wqe (git-fixes) * RDMA/bnxt_re: Avoid initializing the software queue for user queues (git-fixes) * RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (git-fixes) * RDMA/bnxt_re: Disable use of reserved wqes (git-fixes) * RDMA/bnxt_re: Fix MSN table size for variable wqe mode (git-fixes) * RDMA/bnxt_re: Fix max SGEs for the Work Request (git-fixes) * RDMA/bnxt_re: Fix max_qp_wrs reported (git-fixes) * RDMA/bnxt_re: Fix reporting hw_ver in query_device (git-fixes) * RDMA/bnxt_re: Fix the check for 9060 condition (git-fixes) * RDMA/bnxt_re: Fix the locking while accessing the QP table (git-fixes) * RDMA/bnxt_re: Fix the max WQE size for static WQE support (git-fixes) * RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode (git-fixes) * RDMA/bnxt_re: Remove always true dattr validity check (git-fixes) * RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes) * RDMA/hns: Fix accessing invalid dip_ctx during destroying QP
(git-fixes) * RDMA/hns: Fix mapping error of zero-hop WQE buffer (git-fixes) * RDMA/hns: Fix missing flush CQE for DWQE (git-fixes) * RDMA/hns: Fix warning storm caused by invalid input in IO path (git-fixes) * RDMA/mlx5: Enforce same type port association for multiport RoCE (git-fixes) * RDMA/rtrs: Ensure 'ib_sge list' is accessible (git-fixes) * RDMA/uverbs: Prevent integer overflow issue (git-fixes) * RFC: KVM: x86, TDX: Add check for KVM_SET_CPUID2 (jsc#PED-6143). * RFC: KVM: x86: Add x86 callback to check cpuid (jsc#PED-6143). * Revert "block/mq-deadline: use correct way to throttling write requests" (bsc#1234146). * Revert "btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)" * Revert "igb: Disable threaded IRQ for igb_msix_other" (git-fixes). * Revert "mm, kmsan: fix infinite recursion due to RCU critical section" (bsc#1230413) * Revert "mm/sparsemem: fix race in accessing memory_section->usage" (bsc#1230413) * Revert "mm: prevent derefencing NULL ptr in pfn_section_valid()" (bsc#1230413) * Revert "mtd: spi-nor: core: replace dummy buswidth from addr to data" (git-fixes). * Revert "unicode: Do not special case ignorable code points" (stable-fixes). * Revert 'arm64: Kconfig: Make SME depend on BROKEN for now' * SUNRPC: make sure cache entry active before cache_show (git-fixes). * SUNRPC: timeout and cancel TLS handshake with -ETIMEDOUT (git-fixes). * USB: core: Disable LPM only for non-suspended ports (git-fixes). * USB: serial: cp210x: add Phoenix Contact UPS Device (stable-fixes). * USB: serial: option: add MediaTek T7XX compositions (stable-fixes). * USB: serial: option: add MeiG Smart SLM770A (stable-fixes). * USB: serial: option: add MeiG Smart SRM815 (stable-fixes). * USB: serial: option: add Neoway N723-EA support (stable-fixes). * USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (stable-fixes). * USB: serial: option: add TCL IK512 MBIM & ECM (stable-fixes).
* USB: serial: option: add Telit FE910C04 rmnet compositions (stable-fixes). * USB: usblp: return error when setting unsupported protocol (git-fixes). * VM: TDX: Add place holder for TDX VM specific mem_enc_op ioctl (jsc#PED-6143). * accel/habanalabs/gaudi2: unsecure tpc count registers (stable-fixes). * accel/habanalabs: export dma-buf only if size/offset multiples of PAGE_SIZE (stable-fixes). * accel/habanalabs: fix debugfs files permissions (stable-fixes). * accel/habanalabs: increase HL_MAX_STR to 64 bytes to avoid warnings (stable-fixes). * acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (git-fixes). * af_unix: Call manage_oob() for every skb in unix_stream_read_generic() (bsc#1234725). * afs: Automatically generate trace tag enums (git-fixes). * afs: Fix missing subdir edit when renamed between parent dirs (git-fixes). * afs: Fix the maximum cell name length (git-fixes). * amdgpu/uvd: get ring reference from rq scheduler (git-fixes). * arch: Introduce arch_{,try_}_cmpxchg128{,_local}() (bsc#1220773). * arch: Remove cmpxchg_double (bsc#1220773). * arch: consolidate arch_irq_work_raise prototypes (git-fixes). * arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605) * arm64: Force position-independent veneers (git-fixes). * arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes). * arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes) * arm64: dts: freescale: imx8mm-verdin: Fix SD regulator startup delay (git-fixes) * arm64: dts: freescale: imx8mp-verdin: Fix SD regulator startup delay (git-fixes) * arm64: dts: imx8-ss-vpu: Fix imx8qm VPU IRQs (git-fixes) * arm64: dts: imx8mp: correct sdhc ipg clk (git-fixes).
* arm64: dts: imx8qxp: Add VPU subsystem file (git-fixes) * arm64: dts: imx93: add nvmem property for eqos (git-fixes) * arm64: dts: imx93: add nvmem property for fec1 (git-fixes) * arm64: dts: imx93: add ocotp node (git-fixes) * arm64: dts: rockchip: Add DTS for FriendlyARM NanoPi R2S Plus (git-fixes) * arm64: dts: rockchip: Correct GPIO polarity on brcm BT nodes (git-fixes) * arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes) * arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes) * arm64: dts: rockchip: Fix bluetooth properties on rk3566 box demo (git-fixes) * arm64: dts: rockchip: Fix reset-gpios property on brcm BT nodes (git-fixes) * arm64: dts: rockchip: Fix rt5651 compatible value on (git-fixes) * arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-eaidk-610 (git-fixes) * arm64: dts: rockchip: Fix wakeup prop names on PineNote BT node (git-fixes) * arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma (git-fixes) * arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes) * arm64: dts: rockchip: Remove undocumented supports-emmc property (git-fixes) * arm64: dts: rockchip: add hevc power domain clock to rk3328 (git-fixes). * arm64: dts: rockchip: fix i2c2 pinctrl-names property on (git-fixes) * arm64: dts: rockchip: remove num-slots property from (git-fixes) * arm64: dts: rockchip: remove orphaned pinctrl-names from pinephone (git-fixes) * arm64: fix .data.rel.ro size assertion when CONFIG_LTO_CLANG (git-fixes) * arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL (git-fixes). * arm64: smccc: Remove broken support for SMCCCv1.3 SVE discard hint (git-fixes) * arm64: smccc: replace custom COUNT_ARGS() & CONCATENATE() (git-fixes) * arm64: tegra: Move AGX Orin nodes to correct location (git-fixes) * arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled (git-fixes) * autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes).
* batman-adv: Do not let TT changes list grows indefinitely (git-fixes). * batman-adv: Do not send uninitialized TT changes (git-fixes). * batman-adv: Remove uninitialized data in full table TT response (git-fixes). * blk-cgroup: Fix UAF in blkcg_unpin_online() (bsc#1234726). * blk-core: use pr_warn_ratelimited() in bio_check_ro() (bsc#1234139). * blk-iocost: Fix an UBSAN shift-out-of-bounds warning (bsc#1234144). * blk-iocost: do not WARN if iocg was already offlined (bsc#1234147). * blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock required!" (bsc#1234140). * blk-wbt-Fix-detection-of-dirty-throttled-tasks.patch: Update tags * block, bfq: choose the last bfqq from merge chain in bfq_setup_cooperator() (bsc#1234149). * block, bfq: do not break merge chain in bfq_split_bfqq() (bsc#1234150). * block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234160). * block, bfq: fix procress reference leakage for bfqq in merge chain (bsc#1234280). * block, bfq: fix uaf for accessing waker_bfqq after splitting (bsc#1234279). * block/mq-deadline: Fix the tag reservation code (bsc#1234148). * block: Call .limit_depth() after .hctx has been set (bsc#1234148). * block: Fix where bio IO priority gets set (bsc#1234145). * block: prevent an integer overflow in bvec_try_merge_hw_page (bsc#1234142). * block: update the stable_writes flag in bdev_add (bsc#1234141). * bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (git-fixes) * bnxt_en: Fix receive ring space parameters when XDP is active (git-fixes). * bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (git-fixes). * bnxt_en: Set backplane link modes correctly for ethtool (git-fixes). * bpf, arm64: Fix address emission with tag-based KASAN enabled (git-fixes) * bpf, arm64: Remove garbage frame for struct_ops trampoline (git-fixes) * bpf, x86: Fix PROBE_MEM runtime load check (git-fixes). * bpf: verifier: prevent userspace memory access (git-fixes). 
* btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235445). * btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128) * btrfs: fix use-after-free waiting for encoded read endios (bsc#1235445). * can: c_can: c_can_handle_bus_err(): update statistics if skb allocation fails (git-fixes). * can: dev: can_set_termination(): allow sleeping GPIOs (git-fixes). * can: ems_usb: ems_usb_rx_err(): fix {rx,tx}_errors statistics (git-fixes). * can: gs_usb: add VID/PID for Xylanta SAINT3 product family (stable-fixes). * can: hi311x: hi3110_can_ist(): fix potential use-after-free (git-fixes). * can: hi311x: hi3110_can_ist(): fix {rx,tx}_errors statistics (git-fixes). * can: ifi_canfd: ifi_canfd_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes). * can: j1939: fix error in J1939 documentation (stable-fixes). * can: j1939: j1939_session_new(): fix skb reference counting (git-fixes). * can: m_can: m_can_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes). * can: mcp251xfd: mcp251xfd_get_tef_len(): work around erratum DS80000789E 6 (git-fixes). * can: sja1000: sja1000_err(): fix {rx,tx}_errors statistics (git-fixes). * can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL (git-fixes). * can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics (git-fixes). * ceph: improve error handling and short/overflow-read logic in __ceph_sync_read() (bsc#1228592). * cleanup: Add conditional guard support (stable-fixes). * cleanup: Adjust scoped_guard() macros to avoid potential warning (stable-fixes). * cleanup: Remove address space of returned pointer (git-fixes). * clocksource/drivers/timer-ti-dm: Fix child node refcount handling (git-fixes). * clocksource/drivers:sp804: Make user selectable (git-fixes). * counter: stm32-timer-cnt: Add check for clk_enable() (git-fixes). * counter: ti-ecap-capture: Add check for clk_enable() (git-fixes).
* cpufreq: intel_pstate: Check turbo_is_disabled() in store_no_turbo() (bsc#1234619). * cpufreq: intel_pstate: Do not update global.turbo_disabled after initialization (bsc#1234619). * cpufreq: intel_pstate: Drop redundant locking from intel_pstate_driver_cleanup() (bsc#1234619). * cpufreq: intel_pstate: Fix unchecked HWP MSR access (bsc#1234619). * cpufreq: intel_pstate: Fold intel_pstate_max_within_limits() into caller (bsc#1234619). * cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE() annotations (bsc#1234619). * cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE() (bsc#1234619). * cpufreq: intel_pstate: Rearrange show_no_turbo() and store_no_turbo() (bsc#1234619). * cpufreq: intel_pstate: Refine computation of P-state for given frequency (bsc#1234619). * cpufreq: intel_pstate: Replace three global.turbo_disabled checks (bsc#1234619). * cpufreq: intel_pstate: Revise global turbo disable check (bsc#1234619). * cpufreq: intel_pstate: Simplify spinlock locking (bsc#1234619). * cpufreq: intel_pstate: Update the maximum CPU frequency consistently (bsc#1234619). * cpufreq: intel_pstate: Use __ro_after_init for three variables (bsc#1234619). * cpufreq: intel_pstate: Wait for canceled delayed work to complete (bsc#1234619). * crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes (git-fixes). * crypto: ecdsa - Avoid signed integer overflow on signature decoding (stable-fixes). * crypto: ecdsa - Convert byte arrays with key coordinates to digits (stable-fixes). * crypto: ecdsa - Rename keylen to bufsize where necessary (stable-fixes). * crypto: ecdsa - Use ecc_digits_from_bytes to convert signature (stable-fixes). * crypto: qat - disable IOV in adf_dev_stop() (git-fixes). * crypto: x86/sha256 - Add parentheses around macros' single arguments (stable-fixes). * cyrpto/b128ops: Remove struct u128 (bsc#1220773). * devlink: Fix length of eswitch inline-mode (git-fixes). * dlm: fix possible lkb_resource null dereference (git-fixes).
* dma-buf: fix dma_fence_array_signaled v4 (stable-fixes). * dma-debug: fix a possible deadlock on radix_lock (stable-fixes). * dma-fence: Fix reference leak on fence merge failure path (git-fixes). * dma-fence: Use kernel's sort for merging fences (git-fixes). * dmaengine: apple-admac: Avoid accessing registers in probe (git-fixes). * dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (git-fixes). * dmaengine: dw: Select only supported masters for ACPI devices (git-fixes). * dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357). * dmaengine: mv_xor: fix child node refcount handling in early exit (git-fixes). * dmaengine: tegra: Return correct DMA status when paused (git-fixes). * driver core: Add FWLINK_FLAG_IGNORE to completely ignore a fwnode link (stable-fixes). * driver core: fw_devlink: Improve logs for cycle detection (stable-fixes). * driver core: fw_devlink: Stop trying to optimize cycle detection logic (git-fixes). * drivers: net: ionic: add missed debugfs cleanup to ionic_probe() error path (git-fixes). * drm/amd/display: Add HDR workaround for specific eDP (stable-fixes). * drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw (stable-fixes). * drm/amd/display: Add check for granularity in dml ceil/floor helpers (stable-fixes). * drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes). * drm/amd/display: Avoid overflow assignment in link_dp_cts (stable-fixes). * drm/amd/display: Fix DSC-re-computing (stable-fixes). * drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination (stable-fixes). * drm/amd/display: Fix incorrect DSC recompute trigger (stable-fixes). * drm/amd/display: Revert Avoid overflow assignment (stable-fixes). * drm/amd/display: Use gpuvm_min_page_size_kbytes for DML2 surfaces (stable-fixes). * drm/amd/display: increase MAX_SURFACES to the value supported by hw (stable-fixes).
* drm/amd/pm: fix the high voltage issue after unload (stable-fixes). * drm/amd/pm: update current_socclk and current_uclk in gpu_metrics on smu v13.0.7 (stable-fixes). * drm/amdgpu/gfx10: use rlc safe mode for soft recovery (stable-fixes). * drm/amdgpu/gfx11: use rlc safe mode for soft recovery (stable-fixes). * drm/amdgpu/gfx9: properly handle error ints on all pipes (stable-fixes). * drm/amdgpu/gfx9: use rlc safe mode for soft recovery (stable-fixes). * drm/amdgpu/hdp5.2: do a posting read when flushing HDP (stable-fixes). * drm/amdgpu/pm: Remove gpu_od if it's an empty directory (stable-fixes). * drm/amdgpu/umsch: do not execute umsch test when GPU is in reset/suspend (stable-fixes). * drm/amdgpu/umsch: reinitialize write pointer in hw init (stable-fixes). * drm/amdgpu/vcn: reset fw_shared when VCPU buffers corrupted on vcn v4.0.3 (stable-fixes). * drm/amdgpu: Block MMR_READ IOCTL in reset (stable-fixes). * drm/amdgpu: Dereference the ATCS ACPI buffer (stable-fixes). * drm/amdgpu: add raven1 gfxoff quirk (stable-fixes). * drm/amdgpu: add smu 14.0.1 discovery support (stable-fixes). * drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts for vega20_ih (stable-fixes). * drm/amdgpu: differentiate external rev id for gfx 11.5.0 (stable-fixes). * drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit (stable-fixes). * drm/amdgpu: do not access invalid sched (git-fixes). * drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes). * drm/amdgpu: fix unchecked return value warning for amdgpu_gfx (stable-fixes). * drm/amdgpu: fix usage slab after free (stable-fixes). * drm/amdgpu: prevent BO_HANDLES error from being overwritten (git-fixes). * drm/amdgpu: refine error handling in amdgpu_ttm_tt_pin_userptr (stable-fixes). * drm/amdgpu: set the right AMDGPU sg segment limitation (stable-fixes). * drm/amdgpu: skip amdgpu_device_cache_pci_state under sriov (stable-fixes). * drm/amdkfd: Correct the migration DMA map direction (stable-fixes).
* drm/amdkfd: Fix resource leak in criu restore queue (stable-fixes). * drm/amdkfd: Use device based logging for errors (stable-fixes). * drm/amdkfd: Use the correct wptr size (stable-fixes). * drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes). * drm/amdkfd: pause autosuspend when creating pdd (stable-fixes). * drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes). * drm/bridge: it6505: Enable module autoloading (stable-fixes). * drm/bridge: it6505: Fix inverted reset polarity (git-fixes). * drm/bridge: it6505: update usleep_range for RC circuit charge time (stable-fixes). * drm/display: Fix building with GCC 15 (stable-fixes). * drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes). * drm/dp_mst: Fix MST sideband message body length check (stable-fixes). * drm/dp_mst: Fix resetting msg rx state after topology removal (git-fixes). * drm/dp_mst: Verify request type in the corresponding down message reply (stable-fixes). * drm/etnaviv: flush shader L1 cache after user commandstream (stable-fixes). * drm/i915/dg1: Fix power gate sequence (git-fixes). * drm/i915: Fix NULL pointer dereference in capture_engine (git-fixes). * drm/i915: Fix memory leak by correcting cache object name in error handler (git-fixes). * drm/mcde: Enable module autoloading (stable-fixes). * drm/mediatek: Add return value check when reading DPCD (git-fixes). * drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes). * drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes). * drm/mediatek: Fix mode valid issue for dp (git-fixes). * drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes). * drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes). * drm/mediatek: stop selecting foreign drivers (git-fixes). * drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() (stable-fixes).
* drm/nouveau/gsp: Use the sg allocator for level 2 of radix3 (stable-fixes). * drm/panel: novatek-nt35950: fix return value check in nt35950_probe() (git-fixes). * drm/panel: simple: Add Microchip AC69T88A LVDS Display panel (stable-fixes). * drm/printer: Allow NULL data in devcoredump printer (stable-fixes). * drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() (stable-fixes). * drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check() (stable-fixes). * drm/radeon: Fix spurious unplug event on radeon HDMI (git-fixes). * drm/radeon: add helper rdev_to_drm(rdev) (stable-fixes). * drm/radeon: change rdev->ddev to rdev_to_drm(rdev) (stable-fixes). * drm/sched: memset() 'job' in drm_sched_job_init() (stable-fixes). * drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes). * drm/v3d: Enable Performance Counters before clearing them (git-fixes). * drm/v3d: Ensure job pointer is set to NULL after job completion (git-fixes). * drm/vc4: hdmi: Avoid log spam for audio start failure (stable-fixes). * drm/vc4: hvs: Set AXI panic modes for the HVS (stable-fixes). * drm/vmwgfx: Add new keep_resv BO param (git-fixes). * drm: adv7511: Drop dsi single lane support (git-fixes). * drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes). * drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model (stable-fixes). * drm: panel-orientation-quirks: Add quirk for AYA NEO Founder edition (stable-fixes). * drm: panel-orientation-quirks: Add quirk for AYA NEO GEEK (stable-fixes). * drm: panel-orientation-quirks: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes). * erofs: avoid debugging output for (de)compressed data (git-fixes). * exfat: ensure that ctime is updated whenever the mtime is (git-fixes). * exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes). * exfat: fix the infinite loop in exfat_readdir() (git-fixes). * exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes).
* ext4: add a new helper to check if es must be kept (bsc#1234170). * ext4: add correct group descriptors and reserved GDT blocks to system zone (bsc#1234164). * ext4: add missed brelse in update_backups (bsc#1234171). * ext4: allow for the last group to be marked as trimmed (bsc#1234278). * ext4: avoid buffer_head leak in ext4_mark_inode_used() (bsc#1234191). * ext4: avoid excessive credit estimate in ext4_tmpfile() (bsc#1234180). * ext4: avoid negative min_clusters in find_group_orlov() (bsc#1234193). * ext4: avoid overlapping preallocations due to overflow (bsc#1234162). * ext4: avoid potential buffer_head leak in __ext4_new_inode() (bsc#1234192). * ext4: avoid writing unitialized memory to disk in EA inodes (bsc#1234187). * ext4: check the extent status again before inserting delalloc block (bsc#1234186). * ext4: clear EXT4_GROUP_INFO_WAS_TRIMMED_BIT even mount with discard (bsc#1234190). * ext4: convert to exclusive lock while inserting delalloc extents (bsc#1234178). * ext4: correct best extent lstart adjustment logic (bsc#1234179). * ext4: correct grp validation in ext4_mb_good_group (bsc#1234163). * ext4: correct return value of ext4_convert_meta_bg (bsc#1234172). * ext4: correct the hole length returned by ext4_map_blocks() (bsc#1234178). * ext4: correct the start block of counting reserved clusters (bsc#1234169). * ext4: do not let fstrim block system suspend (https://bugzilla.kernel.org/show_bug.cgi?id=216322 bsc#1234166). * ext4: do not trim the group with corrupted block bitmap (bsc#1234177). * ext4: factor out __es_alloc_extent() and __es_free_extent() (bsc#1234170). * ext4: factor out a common helper to query extent map (bsc#1234186). * ext4: fix inconsistent between segment fstrim and full fstrim (bsc#1234176). * ext4: fix incorrect tid assumption in __jbd2_log_wait_for_space() (bsc#1234188). * ext4: fix incorrect tid assumption in ext4_wait_for_tail_page_commit() (bsc#1234188). 
* ext4: fix incorrect tid assumption in jbd2_journal_shrink_checkpoint_list() (bsc#1234188).
* ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} (bsc#1214954).
* ext4: fix potential unnitialized variable (bsc#1234183).
* ext4: fix race between writepages and remount (bsc#1234168).
* ext4: fix rec_len verify error (bsc#1234167).
* ext4: fix slab-use-after-free in ext4_es_insert_extent() (bsc#1234170).
* ext4: fix uninitialized variable in ext4_inlinedir_to_tree (bsc#1234185).
* ext4: forbid commit inconsistent quota data when errors=remount-ro (bsc#1234178).
* ext4: make ext4_es_insert_delayed_block() return void (bsc#1234170).
* ext4: make ext4_es_insert_extent() return void (bsc#1234170).
* ext4: make ext4_es_remove_extent() return void (bsc#1234170).
* ext4: make ext4_zeroout_es() return void (bsc#1234170).
* ext4: make sure allocate pending entry not fail (bsc#1234170).
* ext4: mark buffer new if it is unwritten to avoid stale data exposure (bsc#1234175).
* ext4: move 'ix' sanity check to corrent position (bsc#1234174).
* ext4: move setting of trimmed bit into ext4_try_to_trim_range() (bsc#1234165).
* ext4: nested locking for xattr inode (bsc#1234189).
* ext4: propagate errors from ext4_find_extent() in ext4_insert_range() (bsc#1234194).
* ext4: refactor ext4_da_map_blocks() (bsc#1234178).
* ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks (bsc#1234173).
* ext4: remove the redundant folio_wait_stable() (bsc#1234184).
* ext4: set the type of max_zeroout to unsigned int to avoid overflow (bsc#1234182).
* ext4: set type of ac_groups_linear_remaining to __u32 to avoid overflow (bsc#1234181).
* ext4: use pre-allocated es in __es_insert_extent() (bsc#1234170).
* ext4: use pre-allocated es in __es_remove_extent() (bsc#1234170).
* ext4: using nofail preallocation in ext4_es_insert_delayed_block() (bsc#1234170).
* ext4: using nofail preallocation in ext4_es_insert_extent() (bsc#1234170).
* ext4: using nofail preallocation in ext4_es_remove_extent() (bsc#1234170).
* filemap: Fix bounds checking in filemap_read() (bsc#1234209).
* filemap: add a per-mapping stable writes flag (bsc#1234141).
* firmware: arm_scmi: Reject clear channel request on A2P (stable-fixes).
* fs-writeback: do not requeue a clean inode having skipped pages (bsc#1234200).
* fs/writeback: bail out if there is no more inodes for IO and queued once (bsc#1234207).
* fsnotify: fix sending inotify event with unexpected filename (bsc#1234198).
* genirq/cpuhotplug: Retry with cpu_online_mask when migration fails (git-fixes).
* genirq/cpuhotplug: Skip suspended interrupts when restoring affinity (git-fixes).
* genirq/irqdesc: Honor caller provided affinity in alloc_desc() (git-fixes).
* gpio: grgpio: Add NULL check in grgpio_probe (git-fixes).
* gpio: grgpio: use a helper variable to store the address of ofdev->dev (stable-fixes).
* gpio: xilinx: Convert gpio_lock to raw spinlock (git-fixes).
* hfsplus: do not query the device logical block size multiple times (git-fixes).
* hvc/xen: fix console unplug (git-fixes).
* hvc/xen: fix error path in xen_hvc_init() to always register frontend driver (git-fixes).
* hvc/xen: fix event channel handling for secondary consoles (git-fixes).
* hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes).
* hwmon: (nct6775) Add 665-ACE/600M-CL to ASUS WMI monitoring list (stable-fixes).
* hwmon: (pmbus/core) clear faults after setting smbalert mask (git-fixes).
* hwmon: (pmbus_core) Allow to hook PMBUS_SMBALERT_MASK (stable-fixes).
* hwmon: (tmp513) Do not use "proxy" headers (stable-fixes).
* hwmon: (tmp513) Fix Current Register value interpretation (git-fixes).
* hwmon: (tmp513) Fix division of negative numbers (git-fixes).
* hwmon: (tmp513) Fix interpretation of values of Shunt Voltage and Limit Registers (git-fixes).
* hwmon: (tmp513) Fix interpretation of values of Temperature Result and Limit Registers (git-fixes).
* hwmon: (tmp513) Simplify with dev_err_probe() (stable-fixes).
* hwmon: (tmp513) Use SI constants from units.h (stable-fixes).
* i2c: core: fix reference leak in i2c_register_adapter() (git-fixes).
* i2c: i801: Add support for Intel Arrow Lake-H (stable-fixes).
* i2c: i801: Add support for Intel Panther Lake (stable-fixes).
* i2c: imx: add imx7d compatible string for applying erratum ERR007805 (git-fixes).
* i2c: microchip-core: actually use repeated sends (git-fixes).
* i2c: microchip-core: fix "ghost" detections (git-fixes).
* i2c: mux: demux-pinctrl: check initial mux selection, too (git-fixes).
* i2c: pnx: Fix timeout in wait functions (git-fixes).
* i2c: rcar: fix NACK handling when being a target (git-fixes).
* i2c: riic: Always round-up when calculating bus period (git-fixes).
* i2c: xgene-slimpro: Migrate to use generic PCC shmem related macros (stable-fixes).
* i40e: Fix handling changed priv flags (git-fixes).
* i915/guc: Accumulate active runtime on gt reset (git-fixes).
* i915/guc: Ensure busyness counter increases motonically (git-fixes).
* i915/guc: Reset engine utilization buffer before registration (git-fixes).
* iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call (git-fixes).
* ice: Unbind the workqueue (bsc#1234989)
* ice: change q_index variable type to s16 to store -1 value (git-fixes).
* ice: consistently use q_idx in ice_vc_cfg_qs_msg() (git-fixes).
* ice: fix PHY Clock Recovery availability check (git-fixes).
* idpf: add support for SW triggered interrupts (bsc#1235507).
* idpf: enable WB_ON_ITR (bsc#1235507).
* idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507).
* ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes).
* igb: Fix potential invalid memory access in igb_init_module() (git-fixes).
* iio: adc: ad7124: Disable all channels at probe time (git-fixes).
* iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes).
* iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes).
* iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes).
* iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes).
* iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes).
* iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes).
* iio: imu: kmx61: fix information leak in triggered buffer (git-fixes).
* iio: inkern: call iio_device_put() only on mapped devices (git-fixes).
* iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes).
* iio: magnetometer: yas530: use signed integer type for clamp limits (git-fixes).
* iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes).
* iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes).
* instrumentation: Wire up cmpxchg128() (bsc#1220773).
* io_uring/rw: avoid punting to io-wq directly (git-fixes).
* io_uring/tctx: work around xa_store() allocation error issue (git-fixes).
* io_uring: Fix registered ring file refcount leak (git-fixes).
* io_uring: always lock __io_cqring_overflow_flush (git-fixes).
* io_uring: check if iowq is killed before queuing (git-fixes).
* iommu/io-pgtable-arm: Fix stage-2 map/unmap for concatenated tables (git-fixes).
* irqchip/gic-v3: Force propagation of the active state with a read-back (stable-fixes).
* irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base (stable-fixes).
* irqflags: Explicitly ignore lockdep_hrtimer_exit() argument (git-fixes).
* isofs: handle CDs with bad root inode but good Joliet root directory (bsc#1234199).
* ixgbe: downgrade logging of unsupported VF API version to debug (git-fixes).
* ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (git-fixes).
* jffs2: Fix rtime decompressor (git-fixes).
* jffs2: Prevent rtime decompress memory corruption (git-fixes).
* jffs2: fix use of uninitialized variable (git-fixes).
* jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes).
* jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes).
* jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes).
* jfs: fix shift-out-of-bounds in dbSplit (git-fixes).
* jfs: xattr: check invalid xattr size more strictly (git-fixes).
* kABI workaround for struct drm_dp_mst_topology_mgr (git-fixes).
* kABI: Fix kABI after TDX KVM backports (jsc#PED-6143).
* kABI: Restore exported __arm_smccc_sve_check (git-fixes)
* kabi/severities: make vcap_find_actionfield PASS (bsc#1220773)
* kasan: make report_lock a raw spinlock (git-fixes).
* kdb: Fix buffer overflow during tab-complete (bsc#1234652).
* kdb: Fix console handling when editing and tab-completing commands (bsc#1234655).
* kdb: Merge identical case statements in kdb_read() (bsc#1234657).
* kdb: Use format-specifiers rather than memset() for padding in kdb_read() (bsc#1234658).
* kdb: Use format-strings rather than '\0' injection in kdb_read() (bsc#1234654).
* kdb: Use the passed prompt in kdb_position_cursor() (bsc#1234654).
* kdb: address -Wformat-security warnings (bsc#1234659).
* kgdb: Flush console before entering kgdb on panic (bsc#1234651).
* leds: class: Protect brightness_show() with led_cdev->led_access mutex (stable-fixes).
* lib/stackdepot: print disabled message only if truly disabled (git-fixes).
* linux/dmaengine.h: fix a few kernel-doc warnings (git-fixes).
* locking/atomic/x86: Correct the definition of __arch_try_cmpxchg128() (bsc#1220773 git-fix).
* loop: fix the the direct I/O support check when used on top of block devices (bsc#1234143).
* mac80211: fix user-power when emulating chanctx (stable-fixes).
* mailbox: pcc: Add support for platform notification handling (stable-fixes).
* mailbox: pcc: Support shared interrupt for multiple subspaces (stable-fixes).
* media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108 (stable-fixes).
* media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (git-fixes).
* media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera (stable-fixes).
* media: uvcvideo: Force UVC version to 1.0a for 0408:4035 (stable-fixes).
* media: uvcvideo: RealSense D421 Depth module metadata (stable-fixes).
* memory tiering: count PGPROMOTE_SUCCESS when mem tiering is enabled (git-fixes).
* memory-failure: use a folio in me_huge_page() (git-fixes).
* mfd: da9052-spi: Change read-mask to write-mask (git-fixes).
* mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices (git-fixes).
* mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device (git-fixes).
* mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device (git-fixes).
* misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes).
* misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes).
* mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
* mm,page_owner: do not remove __GFP_NOLOCKDEP in add_stack_record_to_list (git-fixes).
* mm/filemap: avoid buffered read/write race to read inconsistent data (bsc#1234204).
* mm/memory-failure: cast index to loff_t before shifting it (git-fixes).
* mm/memory-failure: check the mapcount of the precise page (git-fixes).
* mm/memory-failure: fix crash in split_huge_page_to_list from soft_offline_page (git-fixes).
* mm/memory-failure: pass the folio and the page to collect_procs() (git-fixes).
* mm/memory-failure: use raw_spinlock_t in struct memory_failure_cpu (git-fixes).
* mm/memory_hotplug: add missing mem_hotplug_lock (git-fixes).
* mm/memory_hotplug: fix error handling in add_memory_resource() (git-fixes).
* mm/memory_hotplug: prevent accessing by index=-1 (git-fixes).
* mm/memory_hotplug: use pfn math in place of direct struct page manipulation (git-fixes).
* mm/migrate: correct nr_failed in migrate_pages_sync() (git-fixes).
* mm/migrate: fix deadlock in migrate_pages_batch() on large folios (git-fixes).
* mm/migrate: putback split folios when numa hint migration fails (git-fixes).
* mm/migrate: split source folio if it is on deferred split list (git-fixes).
* mm/page_owner: remove free_ts from page_owner output (git-fixes).
* mm/readahead: do not allow order-1 folio (bsc#1234205).
* mm/readahead: limit page cache size in page_cache_ra_order() (bsc#1234208).
* mm: convert DAX lock/unlock page to lock/unlock folio (git-fixes).
* mm: memory-failure: ensure moving HWPoison flag to the raw error pages (git-fixes).
* mm: memory-failure: fetch compound head after extra page refcnt is held (git-fixes).
* mm: memory-failure: fix potential page refcnt leak in memory_failure() (git-fixes).
* mm: memory-failure: fix race window when trying to get hugetlb folio (git-fixes).
* mm: memory-failure: remove unneeded PageHuge() check (git-fixes).
* mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
* mmc: core: Add SD card quirk for broken poweroff notification (stable-fixes).
* mmc: core: Further prevent card detect during shutdown (git-fixes).
* mmc: mtk-sd: Fix MMC_CAP2_CRYPTO flag setting (git-fixes).
* mmc: mtk-sd: fix devm_clk_get_optional usage (stable-fixes).
* mmc: sdhci-esdhc-imx: enable quirks SDHCI_QUIRK_NO_LED (stable-fixes).
* mmc: sdhci-pci: Add DMI quirk for missing CD GPIO on Vexia Edu Atla 10 tablet (stable-fixes).
* mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (git-fixes).
* modpost: fix the missed iteration for the max bit in do_input() (git-fixes).
* mtd: diskonchip: Cast an operand to prevent potential overflow (git-fixes).
* mtd: hyperbus: rpc-if: Add missing MODULE_DEVICE_TABLE (git-fixes).
* mtd: hyperbus: rpc-if: Convert to platform remove callback returning void (stable-fixes).
* mtd: rawnand: arasan: Fix double assertion of chip-select (git-fixes).
* mtd: rawnand: arasan: Fix missing de-registration of NAND (git-fixes).
* mtd: rawnand: fix double free in atmel_pmecc_create_user() (git-fixes).
* net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (git-fixes).
* net/ipv6: release expired exception dst cached in socket (bsc#1216813).
* net/mlx5e: CT: Fix null-ptr-deref in add rule err flow (git-fixes).
* net/mlx5e: Remove workaround to avoid syndrome for internal port (git-fixes).
* net/mlx5e: clear xdp features on non-uplink representors (git-fixes).
* net/qed: allow old cards not supporting "num_images" to work (git-fixes).
* net: Return error from sk_stream_wait_connect() if sk_wait_event() fails (git-fixes).
* net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246).
* net: usb: qmi_wwan: add Quectel RG650V (stable-fixes).
* net: usb: qmi_wwan: add Telit FE910C04 compositions (stable-fixes).
* net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init() (git-fixes).
* net: wwan: t7xx: Fix FSM command timeout issue (git-fixes).
* netdevsim: copy addresses for both in and out paths (git-fixes).
* nfs: ignore SB_RDONLY when mounting nfs (git-fixes).
* nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (git-fixes).
* nfsd: make sure exp active before svc_export_show (git-fixes).
* nfsd: release svc_expkey/svc_export with rcu_work (git-fixes).
* nfsd: restore callback functionality for NFSv4.0 (git-fixes).
* nilfs2: fix buffer head leaks in calls to truncate_inode_pages() (git-fixes).
* nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes).
* nilfs2: prevent use of deleted inode (git-fixes).
* nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes).
* nvme-rdma: unquiesce admin_q before destroy it (git-fixes).
* nvme-tcp: fix the memleak while create new ctrl failed (git-fixes).
* nvme/multipath: Fix RCU list traversal to use SRCU primitive (git-fixes).
* nvme: apple: fix device reference counting (git-fixes).
* nvme: fix metadata handling in nvme-passthrough (git-fixes).
* nvmet-loop: avoid using mutex in IO hotpath (git-fixes).
* ocfs2: fix uninitialized value in ocfs2_file_read_iter() (git-fixes).
* ocfs2: free inode when ocfs2_get_init_inode() fails (git-fixes).
* of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() (git-fixes).
* of: Fix error path in of_parse_phandle_with_args_map() (git-fixes).
* of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (git-fixes).
* of: address: Report error on resource bounds overflow (stable-fixes).
* parisc: Raise minimal GCC version (bsc#1220773).
* parisc: Raise minimal GCC version to 12.0.0 (bsc#1220773 git-fix).
* percpu: Add {raw,this}_cpu_try_cmpxchg() (bsc#1220773).
* percpu: Fix self-assignment of __old in raw_cpu_generic_try_cmpxchg() (bsc#1220773 git-fix).
* percpu: Wire up cmpxchg128 (bsc#1220773).
* phy: core: Fix an OF node refcount leakage in _of_phy_get() (git-fixes).
* phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (git-fixes).
* phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (git-fixes).
* phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (git-fixes).
* phy: core: Fix that API devm_phy_put() fails to release the phy (git-fixes).
* phy: qcom-qmp: Fix register name in RX Lane config of SC8280XP (git-fixes).
* phy: rockchip: naneng-combphy: fix phy reset (git-fixes).
* phy: usb: Toggle the PHY power during init (git-fixes).
* pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes).
* pinctrl: qcom-pmic-gpio: add support for PM8937 (stable-fixes).
* pinctrl: qcom: spmi-mpp: Add PM8937 compatible (stable-fixes).
* pinmux: Use sequential access to access desc->pinmux data (stable-fixes).
* platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
* platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes).
* platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1225897).
* platform/x86/intel/tpmi: Add defines to get version information (bsc#1225897).
* platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes).
* platform/x86: dell-smbios-base: Extends support to Alienware products (stable-fixes).
* platform/x86: dell-wmi-base: Handle META key Lock/Unlock events (stable-fixes).
* platform/x86: thinkpad_acpi: Fix for ThinkPad's with ECFW showing incorrect fan speed (stable-fixes).
* power: supply: gpio-charger: Fix set charge current limits (git-fixes).
* powerpc/64s: Fix unnecessary copy to 0 when kernel is booted at address 0 (bsc#1215199).
* powerpc/atomic: Use YZ constraints for DS-form instructions (bsc#1194869).
* powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108).
* powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init() (bsc#1215199).
* powerpc/fadump: Refactor and prepare fadump_cma_init for late init (bsc#1215199).
* powerpc/iommu: Move pSeries specific functions to pseries/iommu.c (bsc#1220711 ltc#205755).
* powerpc/iommu: Only build sPAPR access functions on pSeries (bsc#1220711 ltc#205755).
* powerpc/kexec: Fix return of uninitialized variable (bsc#1194869).
* powerpc/mm/fault: Fix kfence page fault reporting (bsc#1194869).
* powerpc/mm: Fix boot crash with FLATMEM (bsc#1194869).
* powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL (bsc#1194869).
* powerpc/powernv/pci: Remove MVE code (bsc#1220711 ltc#205755).
* powerpc/powernv/pci: Remove ioda1 support (bsc#1220711 ltc#205755).
* powerpc/powernv/pci: Remove last IODA1 defines (bsc#1220711 ltc#205755).
* powerpc/powernv: Free name on error in opal_event_init() (bsc#1194869).
* powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW (bsc#1218470 ltc#204531).
* powerpc/pseries/vas: Add close() callback in vas_vm_ops struct (bsc#1234825).
* powerpc/pseries: Fix KVM guest detection for disabling hardlockup detector (bsc#1194869).
* powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore (bsc#1194869).
* powerpc/pseries: Use correct data types from pseries_hp_errorlog struct (bsc#1215199).
* powerpc/vdso: Inconditionally use CFUNC macro (bsc#1215199).
* proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes).
* quota: Fix rcu annotations of inode dquot pointers (bsc#1234197).
* quota: explicitly forbid quota files from being encrypted (bsc#1234196).
* quota: flush quota_release_work upon quota writeback (bsc#1234195).
* quota: simplify drop_dquot_ref() (bsc#1234197).
* readahead: use ilog2 instead of a while loop in page_cache_ra_order() (bsc#1234208).
* regmap: Use correct format specifier for logging range errors (stable-fixes).
* regmap: detach regmap from dev on regmap_exit (git-fixes).
* regulator: rk808: Add apply_bit for BUCK3 on RK809 (stable-fixes).
* rtc: cmos: avoid taking rtc_lock for extended period of time (stable-fixes).
* s390/cio: Do not unregister the subchannel based on DNV (git-fixes).
* s390/cpum_sf: Convert to cmpxchg128() (bsc#1220773).
* s390/cpum_sf: Handle CPU hotplug remove during sampling (git-fixes).
* s390/cpum_sf: Remove WARN_ON_ONCE statements (git-fixes).
* s390/facility: Disable compile time optimization for decompressor code (git-fixes).
* s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (git-fixes).
* s390/pageattr: Implement missing kernel_page_present() (git-fixes).
* s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646)
* scatterlist: fix incorrect func name in kernel-doc (git-fixes).
* sched/numa: fix memory leak due to the overwritten vma->numab_state (git fixes (sched/numa)).
* scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409).
* scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409).
* scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409).
* scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409).
* scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409).
* scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409).
* scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409).
* scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409).
* scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409).
* scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409).
* scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406).
* scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406).
* scsi: qla2xxx: Fix use after free on unload (bsc#1235406).
* scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406).
* scsi: qla2xxx: Remove the unused 'del_list_entry' field in struct fc_port (bsc#1235406).
* scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406).
* scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406).
* scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes).
* selftests/bpf: Test PROBE_MEM of VSYSCALL_ADDR on x86-64 (git-fixes).
* selftests: mptcp: avoid spurious errors on disconnect (git-fixes).
* serial: 8250_dw: Add Sophgo SG2044 quirk (stable-fixes).
* serial: 8250_dw: Do not use struct dw8250_data outside of 8250_dw (git-fixes).
* serial: 8250_dw: Replace ACPI device check by a quirk (git-fixes).
* serial: 8250_fintek: Add support for F81216E (stable-fixes).
* serial: Do not hold the port lock when setting rx-during-tx GPIO (git-fixes).
* serial: amba-pl011: Fix RX stall when DMA is used (git-fixes).
* serial: amba-pl011: Use port lock wrappers (stable-fixes).
* serial: amba-pl011: fix build regression (git-fixes).
* serial: do not use uninitialized value in uart_poll_init() (git-fixes).
* serial: imx: only set receiver level if it is zero (git-fixes).
* serial: imx: set receiver level before starting uart (git-fixes).
* serial: qcom-geni: Do not cancel/abort if we can't get the port lock (git-fixes).
* serial: qcom-geni: disable interrupts during console writes (git-fixes).
* serial: qcom-geni: fix arg types for qcom_geni_serial_poll_bit() (git-fixes).
* serial: qcom-geni: fix console corruption (git-fixes).
* serial: qcom-geni: fix dma rx cancellation (git-fixes).
* serial: qcom-geni: fix false console tx restart (git-fixes).
* serial: qcom-geni: fix fifo polling timeout (git-fixes).
* serial: qcom-geni: fix hard lockup on buffer flush (git-fixes).
* serial: qcom-geni: fix polled console corruption (git-fixes).
* serial: qcom-geni: fix polled console initialisation (git-fixes).
* serial: qcom-geni: fix receiver enable (git-fixes).
* serial: qcom-geni: fix shutdown race (git-fixes).
* serial: qcom-geni: fix soft lockup on sw flow control and suspend (git-fixes).
* serial: qcom-geni: introduce qcom_geni_serial_poll_bitfield() (git-fixes).
* serial: qcom-geni: revert broken hibernation support (git-fixes).
* serial: stm32: Return IRQ_NONE in the ISR if no handling happend (git-fixes).
* serial: stm32: do not always set SER_RS485_RX_DURING_TX if RS485 is enabled (git-fixes).
* slub: Replace cmpxchg_double() (bsc#1220773).
* slub: Replace cmpxchg_double() - KABI fix (bsc#1220773).
* smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: fix issue described in bsc#1233642]
* soc/fsl: cpm: qmc: Convert to platform remove callback returning void (stable-fixes).
* soc: fsl: cpm1: qmc: Fix blank line and spaces (stable-fixes).
* soc: fsl: cpm1: qmc: Introduce qmc_init_resource() and its CPM1 version (stable-fixes).
* soc: fsl: cpm1: qmc: Introduce qmc_{init,exit}_xcc() and their CPM1 version (stable-fixes).
* soc: fsl: cpm1: qmc: Re-order probe() operations (stable-fixes).
* soc: fsl: cpm1: qmc: Set the ret error code on platform_get_irq() failure (git-fixes).
* soc: imx8m: Probe the SoC driver as platform driver (stable-fixes).
* soc: qcom: Add check devm_kasprintf() returned value (stable-fixes).
* soc: qcom: geni-se: Add M_TX_FIFO_NOT_EMPTY bit definition (git-fixes).
* soc: qcom: geni-se: add GP_LENGTH/IRQ_EN_SET/IRQ_EN_CLEAR registers (git-fixes).
* soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() (git-fixes).
* sound: usb: enable DSD output for ddHiFi TC44C (stable-fixes).
* sound: usb: format: do not warn that raw DSD is unsupported (stable-fixes).
* spi: aspeed: Fix an error handling path in aspeed_spi_[read|write]_user() (git-fixes).
* spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes).
* stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
* stackdepot: respect __GFP_NOLOCKDEP allocation flag (git-fixes).
* staging: iio: ad9832: Correct phase range check (git-fixes).
* staging: iio: ad9834: Correct phase range check (git-fixes).
* sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (git-fixes).
* sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (git-fixes).
* sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() (git-fixes).
* svcrdma: Address an integer overflow (git-fixes).
* svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes).
* swiotlb: Enforce page alignment in swiotlb_alloc() (git-fixes).
* swiotlb: Reinstate page-alignment for mappings >= PAGE_SIZE (git-fixes).
* tdx: following fixup for mapping_level porting conflict (jsc#PED-6143).
* tdx: init has_private_mem during tdx init (jsc#PED-6143).
* the end of (the first phase of) TDX KVM patch series (jsc#PED-6143).
* thermal/drivers/qcom/tsens-v1: Add support for MSM8937 tsens (stable-fixes).
* thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes).
* thunderbolt: Add support for Intel Lunar Lake (stable-fixes).
* thunderbolt: Add support for Intel Panther Lake-M/P (stable-fixes).
* tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
* tools: hv: change permissions of NetworkManager configuration file (git-fixes).
* tpm/eventlog: Limit memory allocations for event logs with excessive size (bsc#1233260 bsc#1233259 bsc#1232421).
* tpm: Map the ACPI provided event log (bsc#1233260 bsc#1233259 bsc#1232421).
* tpm_tis_spi: Release chip select when flow control fails (bsc#1234338)
* tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes).
* tty: serial: kgdboc: Fix 8250_* kgdb over serial (git-fixes).
* types: Introduce [us]128 (bsc#1220773).
* ubifs: Correct the total block count by deducting journal reservation (git-fixes).
* ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes).
* udf: Fix lock ordering in udf_evict_inode() (bsc#1234238).
* udf: fix uninit-value use in udf_get_fileshortad (bsc#1234243).
* udf: prevent integer overflow in udf_bitmap_free_blocks() (bsc#1234239).
* udf: refactor inode_bmap() to handle error (bsc#1234242).
* udf: refactor udf_current_aext() to handle error (bsc#1234240).
* udf: refactor udf_next_aext() to handle error (bsc#1234241).
* udf: udftime: prevent overflow in udf_disk_stamp_to_time() (bsc#1234237).
* usb-storage: Add max sectors quirk for Nokia 208 (stable-fixes).
* usb: add support for new USB device ID 0x17EF:0x3098 for the r8152 driver (stable-fixes).
* usb: cdns3-ti: Add workaround for Errata i2409 (stable-fixes).
* usb: cdns3: Add quirk flag to enable suspend residency (stable-fixes).
* usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag (stable-fixes).
* usb: chipidea: udc: handle USB Error Interrupt if IOC not set (stable-fixes).
* usb: dwc2: Fix HCD port connection race (git-fixes).
* usb: dwc2: Fix HCD resume (git-fixes).
* usb: dwc2: gadget: Do not write invalid mapped sg entries into dma_desc with iommu enabled (stable-fixes).
* usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature (git-fixes).
* usb: dwc3-am62: Disable autosuspend during remove (git-fixes).
* usb: dwc3: ep0: Do not clear ep0 DWC3_EP_TRANSFER_STARTED (git-fixes).
* usb: dwc3: ep0: Do not reset resource alloc flag (git-fixes).
* usb: dwc3: ep0: Do not reset resource alloc flag (including ep0) (git-fixes).
* usb: dwc3: gadget: Rewrite endpoint allocation flow (stable-fixes).
* usb: dwc3: gadget: fix writing NYET threshold (git-fixes).
* usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode (git-fixes).
* usb: ehci-hcd: fix call balance of clocks handling routines (git-fixes).
* usb: fix reference leak in usb_new_device() (git-fixes).
* usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes).
* usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes).
* usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes).
* usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes).
* usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer (git-fixes).
* usb: host: max3421-hcd: Correctly abort a USB request (git-fixes).
* usb: typec: anx7411: fix OF node reference leaks in anx7411_typec_switch_probe() (git-fixes).
* usb: typec: anx7411: fix fwnode_handle reference leak (git-fixes).
* usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes).
* usb: typec: use cleanup facility for 'altmodes_node' (stable-fixes).
* vDPA/ifcvf: Fix pci_read_config_byte() return code handling (git-fixes).
* vdpa/mlx5: Fix PA offset with unaligned starting iotlb map (git-fixes).
* vdpa/mlx5: Fix suboptimal range on iotlb iteration (git-fixes).
* vdpa: solidrun: Fix UB bug with devres (git-fixes).
* vfs: fix readahead(2) on block devices (bsc#1234201).
* vmscan,migrate: fix page count imbalance on node stats when demoting pages (git-fixes).
* watchdog: apple: Actually flush writes after requesting watchdog restart (git-fixes).
* watchdog: mediatek: Make sure system reset gets asserted in mtk_wdt_restart() (git-fixes).
* watchdog: rti: of: honor timeout-sec property (git-fixes).
* watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes).
* watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset (stable-fixes).
* watchdog: rzg2l_wdt: Remove reset de-assert from probe (stable-fixes).
* wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() (stable-fixes).
* wifi: ath5k: add PCI ID for Arcadyan devices (git-fixes).
* wifi: ath5k: add PCI ID for SX76X (git-fixes).
* wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (stable-fixes).
* wifi: cfg80211: sme: init n_channels before channels[] access (git-fixes).
* wifi: cw1200: Fix potential NULL dereference (git-fixes).
* wifi: ipw2x00: libipw_rx_any(): fix bad alignment (stable-fixes).
* wifi: iwlwifi: mvm: Use the sync timepoint API in suspend (stable-fixes).
* wifi: mac80211: Add non-atomic station iterator (stable-fixes).
* wifi: mac80211: clean up 'ret' in sta_link_apply_parameters() (stable-fixes).
* wifi: mac80211: export ieee80211_purge_tx_queue() for drivers (stable-fixes).
* wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes).
* wifi: mac80211: fix station NSS capability initialization order (git-fixes).
* wifi: mac80211: init cnt before accessing elem in ieee80211_copy_mbssid_beacon (git-fixes).
* wifi: mac80211: wake the queues in case of failure in resume (stable-fixes).
* wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one (git-fixes).
* wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures (stable-fixes).
* wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb (stable-fixes).
* wifi: rtw89: check return value of ieee80211_probereq_get() for RNR (stable-fixes).
* workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416).
* writeback, cgroup: switch inodes with dirty timestamps to release dying cgwbs (bsc#1234203).
* x86,amd_iommu: Replace cmpxchg_double() (bsc#1220773).
* x86,intel_iommu: Replace cmpxchg_double() (bsc#1220773).
* x86/hyperv: Fix hv tsc page based sched_clock for hibernation (git-fixes).
* x86/kexec: Reset TDX private memory on platforms with TDX erratum (jsc#PED-6143).
* x86/kexec: do unconditional WBINVD for bare-metal in relocate_kernel() (jsc#PED-6143).
* x86/kexec: do unconditional WBINVD for bare-metal in stop_this_cpu() (jsc#PED-6143).
* x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (git-fixes).
* x86/virt/tdx: Add TDX memory reset notifier to reset other private pages (jsc#PED-6143).
* x86/virt/tdx: Exclude memory region hole within CMR as TDMR's reserved area (jsc#PED-6143).
* x86/virt/tdx: Explicitly save/restore RBP for seamcall_saved_ret() (jsc#PED-6143).
* x86/virt/tdx: Get information about TDX module and TDX-capable memory (jsc#PED-6143).
* xfs: do not allocate COW extents when unsharing a hole (git-fixes).
* xfs: fix sb_spino_align checks for large fsblock sizes (git-fixes).
* xfs: remove unknown compat feature check in superblock write validation (git-fixes).
* xfs: return from xfs_symlink_verify early on V4 filesystems (git-fixes).
* xfs: sb_spino_align is not verified (git-fixes).
* xhci: Add usb cold attach (CAS) as a reason to resume root hub (git-fixes).
* xhci: Allow RPM on the USB controller (1022:43f7) by default (stable-fixes).
* xhci: fix possible null pointer deref during xhci urb enqueue (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* Confidential Computing Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-289=1

## Package List:

* Confidential Computing Module 15-SP6 (nosrc x86_64)
  * kernel-coco-6.4.0-15061.12.coco15sp6.1
  * kernel-coco_debug-6.4.0-15061.12.coco15sp6.1
* Confidential Computing Module 15-SP6 (x86_64)
  * kernel-coco-devel-6.4.0-15061.12.coco15sp6.1
  * kernel-coco-debugsource-6.4.0-15061.12.coco15sp6.1
  * kernel-coco_debug-devel-6.4.0-15061.12.coco15sp6.1
  * kernel-coco_debug-devel-debuginfo-6.4.0-15061.12.coco15sp6.1
  * kernel-coco-debuginfo-6.4.0-15061.12.coco15sp6.1
  * kernel-coco_debug-debuginfo-6.4.0-15061.12.coco15sp6.1
  * kernel-coco_debug-debugsource-6.4.0-15061.12.coco15sp6.1
  * reiserfs-kmp-coco-6.4.0-15061.12.coco15sp6.1
  * reiserfs-kmp-coco-debuginfo-6.4.0-15061.12.coco15sp6.1
  * kernel-syms-coco-6.4.0-15061.12.coco15sp6.1
  * kernel-coco-vdso-debuginfo-6.4.0-15061.12.coco15sp6.1
* Confidential Computing Module 15-SP6 (noarch)
  * kernel-devel-coco-6.4.0-15061.12.coco15sp6.1
  * kernel-source-coco-6.4.0-15061.12.coco15sp6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52489.html * https://www.suse.com/security/cve/CVE-2023-52923.html * https://www.suse.com/security/cve/CVE-2024-26596.html * https://www.suse.com/security/cve/CVE-2024-26924.html * https://www.suse.com/security/cve/CVE-2024-27397.html * https://www.suse.com/security/cve/CVE-2024-35839.html * https://www.suse.com/security/cve/CVE-2024-36476.html * https://www.suse.com/security/cve/CVE-2024-36908.html * https://www.suse.com/security/cve/CVE-2024-36915.html * https://www.suse.com/security/cve/CVE-2024-39282.html * https://www.suse.com/security/cve/CVE-2024-39480.html * https://www.suse.com/security/cve/CVE-2024-41042.html * https://www.suse.com/security/cve/CVE-2024-43913.html
* https://www.suse.com/security/cve/CVE-2024-44934.html * https://www.suse.com/security/cve/CVE-2024-44996.html * https://www.suse.com/security/cve/CVE-2024-45828.html * https://www.suse.com/security/cve/CVE-2024-46680.html * https://www.suse.com/security/cve/CVE-2024-46765.html * https://www.suse.com/security/cve/CVE-2024-46800.html * https://www.suse.com/security/cve/CVE-2024-46896.html * https://www.suse.com/security/cve/CVE-2024-47141.html * https://www.suse.com/security/cve/CVE-2024-47143.html * https://www.suse.com/security/cve/CVE-2024-47678.html * https://www.suse.com/security/cve/CVE-2024-47809.html * https://www.suse.com/security/cve/CVE-2024-48873.html * https://www.suse.com/security/cve/CVE-2024-48881.html * https://www.suse.com/security/cve/CVE-2024-49569.html * https://www.suse.com/security/cve/CVE-2024-49854.html * https://www.suse.com/security/cve/CVE-2024-49884.html * https://www.suse.com/security/cve/CVE-2024-49915.html * https://www.suse.com/security/cve/CVE-2024-49944.html * https://www.suse.com/security/cve/CVE-2024-49951.html * https://www.suse.com/security/cve/CVE-2024-49952.html * https://www.suse.com/security/cve/CVE-2024-49998.html * https://www.suse.com/security/cve/CVE-2024-50016.html * https://www.suse.com/security/cve/CVE-2024-50018.html * https://www.suse.com/security/cve/CVE-2024-50039.html * https://www.suse.com/security/cve/CVE-2024-50047.html * https://www.suse.com/security/cve/CVE-2024-50051.html * https://www.suse.com/security/cve/CVE-2024-50106.html * https://www.suse.com/security/cve/CVE-2024-50143.html * https://www.suse.com/security/cve/CVE-2024-50151.html * https://www.suse.com/security/cve/CVE-2024-50154.html * https://www.suse.com/security/cve/CVE-2024-50199.html * https://www.suse.com/security/cve/CVE-2024-50202.html * https://www.suse.com/security/cve/CVE-2024-50203.html * https://www.suse.com/security/cve/CVE-2024-50211.html * https://www.suse.com/security/cve/CVE-2024-50228.html * 
https://www.suse.com/security/cve/CVE-2024-50252.html * https://www.suse.com/security/cve/CVE-2024-50256.html * https://www.suse.com/security/cve/CVE-2024-50262.html * https://www.suse.com/security/cve/CVE-2024-50272.html * https://www.suse.com/security/cve/CVE-2024-50278.html * https://www.suse.com/security/cve/CVE-2024-50279.html * https://www.suse.com/security/cve/CVE-2024-50280.html * https://www.suse.com/security/cve/CVE-2024-50296.html * https://www.suse.com/security/cve/CVE-2024-50299.html * https://www.suse.com/security/cve/CVE-2024-52332.html * https://www.suse.com/security/cve/CVE-2024-53043.html * https://www.suse.com/security/cve/CVE-2024-53050.html * https://www.suse.com/security/cve/CVE-2024-53051.html * https://www.suse.com/security/cve/CVE-2024-53055.html * https://www.suse.com/security/cve/CVE-2024-53056.html * https://www.suse.com/security/cve/CVE-2024-53064.html * https://www.suse.com/security/cve/CVE-2024-53090.html * https://www.suse.com/security/cve/CVE-2024-53091.html * https://www.suse.com/security/cve/CVE-2024-53095.html * https://www.suse.com/security/cve/CVE-2024-53099.html * https://www.suse.com/security/cve/CVE-2024-53103.html * https://www.suse.com/security/cve/CVE-2024-53105.html * https://www.suse.com/security/cve/CVE-2024-53110.html * https://www.suse.com/security/cve/CVE-2024-53111.html * https://www.suse.com/security/cve/CVE-2024-53113.html * https://www.suse.com/security/cve/CVE-2024-53117.html * https://www.suse.com/security/cve/CVE-2024-53118.html * https://www.suse.com/security/cve/CVE-2024-53119.html * https://www.suse.com/security/cve/CVE-2024-53120.html * https://www.suse.com/security/cve/CVE-2024-53121.html * https://www.suse.com/security/cve/CVE-2024-53122.html * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-53126.html * https://www.suse.com/security/cve/CVE-2024-53127.html * https://www.suse.com/security/cve/CVE-2024-53129.html * 
https://www.suse.com/security/cve/CVE-2024-53130.html * https://www.suse.com/security/cve/CVE-2024-53131.html * https://www.suse.com/security/cve/CVE-2024-53133.html * https://www.suse.com/security/cve/CVE-2024-53134.html * https://www.suse.com/security/cve/CVE-2024-53136.html * https://www.suse.com/security/cve/CVE-2024-53138.html * https://www.suse.com/security/cve/CVE-2024-53141.html * https://www.suse.com/security/cve/CVE-2024-53142.html * https://www.suse.com/security/cve/CVE-2024-53144.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53148.html * https://www.suse.com/security/cve/CVE-2024-53150.html * https://www.suse.com/security/cve/CVE-2024-53151.html * https://www.suse.com/security/cve/CVE-2024-53154.html * https://www.suse.com/security/cve/CVE-2024-53155.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://www.suse.com/security/cve/CVE-2024-53157.html * https://www.suse.com/security/cve/CVE-2024-53158.html * https://www.suse.com/security/cve/CVE-2024-53159.html * https://www.suse.com/security/cve/CVE-2024-53160.html * https://www.suse.com/security/cve/CVE-2024-53161.html * https://www.suse.com/security/cve/CVE-2024-53162.html * https://www.suse.com/security/cve/CVE-2024-53164.html * https://www.suse.com/security/cve/CVE-2024-53166.html * https://www.suse.com/security/cve/CVE-2024-53168.html * https://www.suse.com/security/cve/CVE-2024-53169.html * https://www.suse.com/security/cve/CVE-2024-53170.html * https://www.suse.com/security/cve/CVE-2024-53171.html * https://www.suse.com/security/cve/CVE-2024-53172.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53174.html * https://www.suse.com/security/cve/CVE-2024-53175.html * https://www.suse.com/security/cve/CVE-2024-53179.html * https://www.suse.com/security/cve/CVE-2024-53180.html * https://www.suse.com/security/cve/CVE-2024-53185.html * 
https://www.suse.com/security/cve/CVE-2024-53188.html * https://www.suse.com/security/cve/CVE-2024-53190.html * https://www.suse.com/security/cve/CVE-2024-53191.html * https://www.suse.com/security/cve/CVE-2024-53194.html * https://www.suse.com/security/cve/CVE-2024-53195.html * https://www.suse.com/security/cve/CVE-2024-53196.html * https://www.suse.com/security/cve/CVE-2024-53197.html * https://www.suse.com/security/cve/CVE-2024-53198.html * https://www.suse.com/security/cve/CVE-2024-53200.html * https://www.suse.com/security/cve/CVE-2024-53201.html * https://www.suse.com/security/cve/CVE-2024-53202.html * https://www.suse.com/security/cve/CVE-2024-53206.html * https://www.suse.com/security/cve/CVE-2024-53207.html * https://www.suse.com/security/cve/CVE-2024-53208.html * https://www.suse.com/security/cve/CVE-2024-53209.html * https://www.suse.com/security/cve/CVE-2024-53210.html * https://www.suse.com/security/cve/CVE-2024-53213.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-53215.html * https://www.suse.com/security/cve/CVE-2024-53216.html * https://www.suse.com/security/cve/CVE-2024-53217.html * https://www.suse.com/security/cve/CVE-2024-53222.html * https://www.suse.com/security/cve/CVE-2024-53224.html * https://www.suse.com/security/cve/CVE-2024-53227.html * https://www.suse.com/security/cve/CVE-2024-53229.html * https://www.suse.com/security/cve/CVE-2024-53230.html * https://www.suse.com/security/cve/CVE-2024-53231.html * https://www.suse.com/security/cve/CVE-2024-53232.html * https://www.suse.com/security/cve/CVE-2024-53233.html * https://www.suse.com/security/cve/CVE-2024-53234.html * https://www.suse.com/security/cve/CVE-2024-53236.html * https://www.suse.com/security/cve/CVE-2024-53237.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-53240.html * https://www.suse.com/security/cve/CVE-2024-53241.html * 
https://www.suse.com/security/cve/CVE-2024-53685.html * https://www.suse.com/security/cve/CVE-2024-53690.html * https://www.suse.com/security/cve/CVE-2024-54680.html * https://www.suse.com/security/cve/CVE-2024-55639.html * https://www.suse.com/security/cve/CVE-2024-55881.html * https://www.suse.com/security/cve/CVE-2024-55916.html * https://www.suse.com/security/cve/CVE-2024-56369.html * https://www.suse.com/security/cve/CVE-2024-56372.html * https://www.suse.com/security/cve/CVE-2024-56531.html * https://www.suse.com/security/cve/CVE-2024-56532.html * https://www.suse.com/security/cve/CVE-2024-56533.html * https://www.suse.com/security/cve/CVE-2024-56536.html * https://www.suse.com/security/cve/CVE-2024-56538.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56543.html * https://www.suse.com/security/cve/CVE-2024-56546.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56549.html * https://www.suse.com/security/cve/CVE-2024-56551.html * https://www.suse.com/security/cve/CVE-2024-56557.html * https://www.suse.com/security/cve/CVE-2024-56558.html * https://www.suse.com/security/cve/CVE-2024-56562.html * https://www.suse.com/security/cve/CVE-2024-56566.html * https://www.suse.com/security/cve/CVE-2024-56567.html * https://www.suse.com/security/cve/CVE-2024-56568.html * https://www.suse.com/security/cve/CVE-2024-56569.html * https://www.suse.com/security/cve/CVE-2024-56570.html * https://www.suse.com/security/cve/CVE-2024-56571.html * https://www.suse.com/security/cve/CVE-2024-56572.html * https://www.suse.com/security/cve/CVE-2024-56573.html * https://www.suse.com/security/cve/CVE-2024-56574.html * https://www.suse.com/security/cve/CVE-2024-56575.html * https://www.suse.com/security/cve/CVE-2024-56576.html * https://www.suse.com/security/cve/CVE-2024-56577.html * https://www.suse.com/security/cve/CVE-2024-56578.html * 
https://www.suse.com/security/cve/CVE-2024-56582.html * https://www.suse.com/security/cve/CVE-2024-56584.html * https://www.suse.com/security/cve/CVE-2024-56587.html * https://www.suse.com/security/cve/CVE-2024-56588.html * https://www.suse.com/security/cve/CVE-2024-56589.html * https://www.suse.com/security/cve/CVE-2024-56590.html * https://www.suse.com/security/cve/CVE-2024-56593.html * https://www.suse.com/security/cve/CVE-2024-56594.html * https://www.suse.com/security/cve/CVE-2024-56595.html * https://www.suse.com/security/cve/CVE-2024-56596.html * https://www.suse.com/security/cve/CVE-2024-56597.html * https://www.suse.com/security/cve/CVE-2024-56598.html * https://www.suse.com/security/cve/CVE-2024-56599.html * https://www.suse.com/security/cve/CVE-2024-5660.html * https://www.suse.com/security/cve/CVE-2024-56602.html * https://www.suse.com/security/cve/CVE-2024-56603.html * https://www.suse.com/security/cve/CVE-2024-56604.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56606.html * https://www.suse.com/security/cve/CVE-2024-56607.html * https://www.suse.com/security/cve/CVE-2024-56609.html * https://www.suse.com/security/cve/CVE-2024-56611.html * https://www.suse.com/security/cve/CVE-2024-56614.html * https://www.suse.com/security/cve/CVE-2024-56615.html * https://www.suse.com/security/cve/CVE-2024-56616.html * https://www.suse.com/security/cve/CVE-2024-56617.html * https://www.suse.com/security/cve/CVE-2024-56619.html * https://www.suse.com/security/cve/CVE-2024-56620.html * https://www.suse.com/security/cve/CVE-2024-56622.html * https://www.suse.com/security/cve/CVE-2024-56623.html * https://www.suse.com/security/cve/CVE-2024-56625.html * https://www.suse.com/security/cve/CVE-2024-56629.html * https://www.suse.com/security/cve/CVE-2024-56630.html * https://www.suse.com/security/cve/CVE-2024-56631.html * https://www.suse.com/security/cve/CVE-2024-56632.html * 
https://www.suse.com/security/cve/CVE-2024-56634.html * https://www.suse.com/security/cve/CVE-2024-56635.html * https://www.suse.com/security/cve/CVE-2024-56636.html * https://www.suse.com/security/cve/CVE-2024-56637.html * https://www.suse.com/security/cve/CVE-2024-56641.html * https://www.suse.com/security/cve/CVE-2024-56642.html * https://www.suse.com/security/cve/CVE-2024-56643.html * https://www.suse.com/security/cve/CVE-2024-56644.html * https://www.suse.com/security/cve/CVE-2024-56645.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://www.suse.com/security/cve/CVE-2024-56649.html * https://www.suse.com/security/cve/CVE-2024-56651.html * https://www.suse.com/security/cve/CVE-2024-56654.html * https://www.suse.com/security/cve/CVE-2024-56656.html * https://www.suse.com/security/cve/CVE-2024-56659.html * https://www.suse.com/security/cve/CVE-2024-56660.html * https://www.suse.com/security/cve/CVE-2024-56661.html * https://www.suse.com/security/cve/CVE-2024-56662.html * https://www.suse.com/security/cve/CVE-2024-56663.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2024-56667.html * https://www.suse.com/security/cve/CVE-2024-56670.html * https://www.suse.com/security/cve/CVE-2024-56672.html * https://www.suse.com/security/cve/CVE-2024-56675.html * https://www.suse.com/security/cve/CVE-2024-56677.html * https://www.suse.com/security/cve/CVE-2024-56678.html * https://www.suse.com/security/cve/CVE-2024-56681.html * https://www.suse.com/security/cve/CVE-2024-56683.html * https://www.suse.com/security/cve/CVE-2024-56687.html * https://www.suse.com/security/cve/CVE-2024-56688.html * https://www.suse.com/security/cve/CVE-2024-56690.html * https://www.suse.com/security/cve/CVE-2024-56691.html * https://www.suse.com/security/cve/CVE-2024-56694.html * https://www.suse.com/security/cve/CVE-2024-56698.html * https://www.suse.com/security/cve/CVE-2024-56700.html * 
https://www.suse.com/security/cve/CVE-2024-56701.html * https://www.suse.com/security/cve/CVE-2024-56704.html * https://www.suse.com/security/cve/CVE-2024-56705.html * https://www.suse.com/security/cve/CVE-2024-56708.html * https://www.suse.com/security/cve/CVE-2024-56709.html * https://www.suse.com/security/cve/CVE-2024-56712.html * https://www.suse.com/security/cve/CVE-2024-56716.html * https://www.suse.com/security/cve/CVE-2024-56722.html * https://www.suse.com/security/cve/CVE-2024-56723.html * https://www.suse.com/security/cve/CVE-2024-56724.html * https://www.suse.com/security/cve/CVE-2024-56729.html * https://www.suse.com/security/cve/CVE-2024-56739.html * https://www.suse.com/security/cve/CVE-2024-56741.html * https://www.suse.com/security/cve/CVE-2024-56745.html * https://www.suse.com/security/cve/CVE-2024-56746.html * https://www.suse.com/security/cve/CVE-2024-56747.html * https://www.suse.com/security/cve/CVE-2024-56748.html * https://www.suse.com/security/cve/CVE-2024-56752.html * https://www.suse.com/security/cve/CVE-2024-56754.html * https://www.suse.com/security/cve/CVE-2024-56755.html * https://www.suse.com/security/cve/CVE-2024-56756.html * https://www.suse.com/security/cve/CVE-2024-56759.html * https://www.suse.com/security/cve/CVE-2024-56760.html * https://www.suse.com/security/cve/CVE-2024-56765.html * https://www.suse.com/security/cve/CVE-2024-56766.html * https://www.suse.com/security/cve/CVE-2024-56767.html * https://www.suse.com/security/cve/CVE-2024-56769.html * https://www.suse.com/security/cve/CVE-2024-56774.html * https://www.suse.com/security/cve/CVE-2024-56775.html * https://www.suse.com/security/cve/CVE-2024-56776.html * https://www.suse.com/security/cve/CVE-2024-56777.html * https://www.suse.com/security/cve/CVE-2024-56778.html * https://www.suse.com/security/cve/CVE-2024-56779.html * https://www.suse.com/security/cve/CVE-2024-56780.html * https://www.suse.com/security/cve/CVE-2024-56787.html * 
https://www.suse.com/security/cve/CVE-2024-57791.html * https://www.suse.com/security/cve/CVE-2024-57792.html * https://www.suse.com/security/cve/CVE-2024-57793.html * https://www.suse.com/security/cve/CVE-2024-57795.html * https://www.suse.com/security/cve/CVE-2024-57798.html * https://www.suse.com/security/cve/CVE-2024-57801.html * https://www.suse.com/security/cve/CVE-2024-57804.html * https://www.suse.com/security/cve/CVE-2024-57809.html * https://www.suse.com/security/cve/CVE-2024-57838.html * https://www.suse.com/security/cve/CVE-2024-57849.html * https://www.suse.com/security/cve/CVE-2024-57850.html * https://www.suse.com/security/cve/CVE-2024-57857.html * https://www.suse.com/security/cve/CVE-2024-57874.html * https://www.suse.com/security/cve/CVE-2024-57876.html * https://www.suse.com/security/cve/CVE-2024-57887.html * https://www.suse.com/security/cve/CVE-2024-57888.html * https://www.suse.com/security/cve/CVE-2024-57890.html * https://www.suse.com/security/cve/CVE-2024-57892.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://www.suse.com/security/cve/CVE-2024-57896.html * https://www.suse.com/security/cve/CVE-2024-57897.html * https://www.suse.com/security/cve/CVE-2024-57899.html * https://www.suse.com/security/cve/CVE-2024-57903.html * https://www.suse.com/security/cve/CVE-2024-57904.html * https://www.suse.com/security/cve/CVE-2024-57906.html * https://www.suse.com/security/cve/CVE-2024-57907.html * https://www.suse.com/security/cve/CVE-2024-57908.html * https://www.suse.com/security/cve/CVE-2024-57910.html * https://www.suse.com/security/cve/CVE-2024-57911.html * https://www.suse.com/security/cve/CVE-2024-57912.html * https://www.suse.com/security/cve/CVE-2024-57913.html * https://www.suse.com/security/cve/CVE-2024-57915.html * https://www.suse.com/security/cve/CVE-2024-57916.html * https://www.suse.com/security/cve/CVE-2024-57922.html * https://www.suse.com/security/cve/CVE-2024-57926.html * 
https://www.suse.com/security/cve/CVE-2024-57929.html * https://www.suse.com/security/cve/CVE-2024-57932.html * https://www.suse.com/security/cve/CVE-2024-57933.html * https://www.suse.com/security/cve/CVE-2024-57935.html * https://www.suse.com/security/cve/CVE-2024-57936.html * https://www.suse.com/security/cve/CVE-2024-57940.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://www.suse.com/security/cve/CVE-2025-21632.html * https://www.suse.com/security/cve/CVE-2025-21645.html * https://www.suse.com/security/cve/CVE-2025-21646.html * https://www.suse.com/security/cve/CVE-2025-21649.html * https://www.suse.com/security/cve/CVE-2025-21650.html * https://www.suse.com/security/cve/CVE-2025-21651.html * https://www.suse.com/security/cve/CVE-2025-21656.html * https://www.suse.com/security/cve/CVE-2025-21662.html * https://bugzilla.suse.com/show_bug.cgi?id=1012628 * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1214954 * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1216813 * https://bugzilla.suse.com/show_bug.cgi?id=1218470 * https://bugzilla.suse.com/show_bug.cgi?id=1220355 * https://bugzilla.suse.com/show_bug.cgi?id=1220711 * https://bugzilla.suse.com/show_bug.cgi?id=1220773 * https://bugzilla.suse.com/show_bug.cgi?id=1221326 * https://bugzilla.suse.com/show_bug.cgi?id=1224095 * https://bugzilla.suse.com/show_bug.cgi?id=1224726 * https://bugzilla.suse.com/show_bug.cgi?id=1225743 * https://bugzilla.suse.com/show_bug.cgi?id=1225758 * https://bugzilla.suse.com/show_bug.cgi?id=1225820 * https://bugzilla.suse.com/show_bug.cgi?id=1225897 * https://bugzilla.suse.com/show_bug.cgi?id=1227445 * https://bugzilla.suse.com/show_bug.cgi?id=1228526 * https://bugzilla.suse.com/show_bug.cgi?id=1228592 * https://bugzilla.suse.com/show_bug.cgi?id=1229809 * https://bugzilla.suse.com/show_bug.cgi?id=1229833 * https://bugzilla.suse.com/show_bug.cgi?id=1230205 * 
https://bugzilla.suse.com/show_bug.cgi?id=1230413 * https://bugzilla.suse.com/show_bug.cgi?id=1230557 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1230807 * https://bugzilla.suse.com/show_bug.cgi?id=1230827 * https://bugzilla.suse.com/show_bug.cgi?id=1231016 * https://bugzilla.suse.com/show_bug.cgi?id=1231854 * https://bugzilla.suse.com/show_bug.cgi?id=1231909 * https://bugzilla.suse.com/show_bug.cgi?id=1231963 * https://bugzilla.suse.com/show_bug.cgi?id=1232087 * https://bugzilla.suse.com/show_bug.cgi?id=1232157 * https://bugzilla.suse.com/show_bug.cgi?id=1232158 * https://bugzilla.suse.com/show_bug.cgi?id=1232166 * https://bugzilla.suse.com/show_bug.cgi?id=1232193 * https://bugzilla.suse.com/show_bug.cgi?id=1232198 * https://bugzilla.suse.com/show_bug.cgi?id=1232201 * https://bugzilla.suse.com/show_bug.cgi?id=1232418 * https://bugzilla.suse.com/show_bug.cgi?id=1232419 * https://bugzilla.suse.com/show_bug.cgi?id=1232420 * https://bugzilla.suse.com/show_bug.cgi?id=1232421 * https://bugzilla.suse.com/show_bug.cgi?id=1232436 * https://bugzilla.suse.com/show_bug.cgi?id=1232882 * https://bugzilla.suse.com/show_bug.cgi?id=1233038 * https://bugzilla.suse.com/show_bug.cgi?id=1233055 * https://bugzilla.suse.com/show_bug.cgi?id=1233070 * https://bugzilla.suse.com/show_bug.cgi?id=1233096 * https://bugzilla.suse.com/show_bug.cgi?id=1233112 * https://bugzilla.suse.com/show_bug.cgi?id=1233200 * https://bugzilla.suse.com/show_bug.cgi?id=1233201 * https://bugzilla.suse.com/show_bug.cgi?id=1233204 * https://bugzilla.suse.com/show_bug.cgi?id=1233239 * https://bugzilla.suse.com/show_bug.cgi?id=1233259 * https://bugzilla.suse.com/show_bug.cgi?id=1233260 * https://bugzilla.suse.com/show_bug.cgi?id=1233324 * https://bugzilla.suse.com/show_bug.cgi?id=1233328 * https://bugzilla.suse.com/show_bug.cgi?id=1233461 * https://bugzilla.suse.com/show_bug.cgi?id=1233467 * https://bugzilla.suse.com/show_bug.cgi?id=1233468 * 
https://bugzilla.suse.com/show_bug.cgi?id=1233469 * https://bugzilla.suse.com/show_bug.cgi?id=1233485 * https://bugzilla.suse.com/show_bug.cgi?id=1233488 * https://bugzilla.suse.com/show_bug.cgi?id=1233523 * https://bugzilla.suse.com/show_bug.cgi?id=1233546 * https://bugzilla.suse.com/show_bug.cgi?id=1233547 * https://bugzilla.suse.com/show_bug.cgi?id=1233550 * https://bugzilla.suse.com/show_bug.cgi?id=1233558 * https://bugzilla.suse.com/show_bug.cgi?id=1233568 * https://bugzilla.suse.com/show_bug.cgi?id=1233637 * https://bugzilla.suse.com/show_bug.cgi?id=1233638 * https://bugzilla.suse.com/show_bug.cgi?id=1233642 * https://bugzilla.suse.com/show_bug.cgi?id=1233772 * https://bugzilla.suse.com/show_bug.cgi?id=1233837 * https://bugzilla.suse.com/show_bug.cgi?id=1234024 * https://bugzilla.suse.com/show_bug.cgi?id=1234069 * https://bugzilla.suse.com/show_bug.cgi?id=1234071 * https://bugzilla.suse.com/show_bug.cgi?id=1234073 * https://bugzilla.suse.com/show_bug.cgi?id=1234075 * https://bugzilla.suse.com/show_bug.cgi?id=1234076 * https://bugzilla.suse.com/show_bug.cgi?id=1234077 * https://bugzilla.suse.com/show_bug.cgi?id=1234078 * https://bugzilla.suse.com/show_bug.cgi?id=1234079 * https://bugzilla.suse.com/show_bug.cgi?id=1234085 * https://bugzilla.suse.com/show_bug.cgi?id=1234086 * https://bugzilla.suse.com/show_bug.cgi?id=1234139 * https://bugzilla.suse.com/show_bug.cgi?id=1234140 * https://bugzilla.suse.com/show_bug.cgi?id=1234141 * https://bugzilla.suse.com/show_bug.cgi?id=1234142 * https://bugzilla.suse.com/show_bug.cgi?id=1234143 * https://bugzilla.suse.com/show_bug.cgi?id=1234144 * https://bugzilla.suse.com/show_bug.cgi?id=1234145 * https://bugzilla.suse.com/show_bug.cgi?id=1234146 * https://bugzilla.suse.com/show_bug.cgi?id=1234147 * https://bugzilla.suse.com/show_bug.cgi?id=1234148 * https://bugzilla.suse.com/show_bug.cgi?id=1234149 * https://bugzilla.suse.com/show_bug.cgi?id=1234150 * https://bugzilla.suse.com/show_bug.cgi?id=1234153 * 
https://bugzilla.suse.com/show_bug.cgi?id=1234155 * https://bugzilla.suse.com/show_bug.cgi?id=1234156 * https://bugzilla.suse.com/show_bug.cgi?id=1234158 * https://bugzilla.suse.com/show_bug.cgi?id=1234159 * https://bugzilla.suse.com/show_bug.cgi?id=1234160 * https://bugzilla.suse.com/show_bug.cgi?id=1234161 * https://bugzilla.suse.com/show_bug.cgi?id=1234162 * https://bugzilla.suse.com/show_bug.cgi?id=1234163 * https://bugzilla.suse.com/show_bug.cgi?id=1234164 * https://bugzilla.suse.com/show_bug.cgi?id=1234165 * https://bugzilla.suse.com/show_bug.cgi?id=1234166 * https://bugzilla.suse.com/show_bug.cgi?id=1234167 * https://bugzilla.suse.com/show_bug.cgi?id=1234168 * https://bugzilla.suse.com/show_bug.cgi?id=1234169 * https://bugzilla.suse.com/show_bug.cgi?id=1234170 * https://bugzilla.suse.com/show_bug.cgi?id=1234171 * https://bugzilla.suse.com/show_bug.cgi?id=1234172 * https://bugzilla.suse.com/show_bug.cgi?id=1234173 * https://bugzilla.suse.com/show_bug.cgi?id=1234174 * https://bugzilla.suse.com/show_bug.cgi?id=1234175 * https://bugzilla.suse.com/show_bug.cgi?id=1234176 * https://bugzilla.suse.com/show_bug.cgi?id=1234177 * https://bugzilla.suse.com/show_bug.cgi?id=1234178 * https://bugzilla.suse.com/show_bug.cgi?id=1234179 * https://bugzilla.suse.com/show_bug.cgi?id=1234180 * https://bugzilla.suse.com/show_bug.cgi?id=1234181 * https://bugzilla.suse.com/show_bug.cgi?id=1234182 * https://bugzilla.suse.com/show_bug.cgi?id=1234183 * https://bugzilla.suse.com/show_bug.cgi?id=1234184 * https://bugzilla.suse.com/show_bug.cgi?id=1234185 * https://bugzilla.suse.com/show_bug.cgi?id=1234186 * https://bugzilla.suse.com/show_bug.cgi?id=1234187 * https://bugzilla.suse.com/show_bug.cgi?id=1234188 * https://bugzilla.suse.com/show_bug.cgi?id=1234189 * https://bugzilla.suse.com/show_bug.cgi?id=1234190 * https://bugzilla.suse.com/show_bug.cgi?id=1234191 * https://bugzilla.suse.com/show_bug.cgi?id=1234192 * https://bugzilla.suse.com/show_bug.cgi?id=1234193 * 
From null at suse.de Thu Jan 30 08:30:04 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 30 Jan 2025 08:30:04 -0000
Subject: SUSE-SU-2025:0292-1: moderate: Security update for shadow
Message-ID: <173822580466.22227.1666524736283875989@smelt2.prg2.suse.org>

# Security update for shadow

Announcement ID: SUSE-SU-2025:0292-1
Release Date: 2025-01-29T22:41:58Z
Rating: moderate

References:

* bsc#1228770

Cross-References:

* CVE-2013-4235

CVSS scores:

* CVE-2013-4235 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2013-4235 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Products:

* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves one vulnerability can now be installed.

## Description:

This update for shadow fixes the following issues:

* Fixed not copying of skel files (bsc#1228770)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-292=1
* SUSE Enterprise Storage 7.1
    zypper in -t patch SUSE-Storage-7.1-2025-292=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-292=1
* SUSE Linux Enterprise Server 15 SP3 LTSS
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-292=1

## Package List:

* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * login_defs-4.8.1-150300.4.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * shadow-debuginfo-4.8.1-150300.4.18.1
    * shadow-4.8.1-150300.4.18.1
    * shadow-debugsource-4.8.1-150300.4.18.1
* SUSE Enterprise Storage 7.1 (noarch)
    * login_defs-4.8.1-150300.4.18.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * shadow-debuginfo-4.8.1-150300.4.18.1
    * shadow-4.8.1-150300.4.18.1
    * shadow-debugsource-4.8.1-150300.4.18.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * login_defs-4.8.1-150300.4.18.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
    * shadow-debuginfo-4.8.1-150300.4.18.1
    * shadow-4.8.1-150300.4.18.1
    * shadow-debugsource-4.8.1-150300.4.18.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * login_defs-4.8.1-150300.4.18.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * shadow-debuginfo-4.8.1-150300.4.18.1
    * shadow-4.8.1-150300.4.18.1
    * shadow-debugsource-4.8.1-150300.4.18.1

## References:

* https://www.suse.com/security/cve/CVE-2013-4235.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228770

From null at suse.de Thu Jan 30 12:30:06 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 30 Jan 2025 12:30:06 -0000
Subject: SUSE-SU-2025:0295-1: moderate: Security update for ignition
Message-ID: <173824020608.22572.2260522745577330548@smelt2.prg2.suse.org>

# Security update for ignition

Announcement ID: SUSE-SU-2025:0295-1
Release Date: 2025-01-30T09:56:41Z
Rating: moderate

References:

* bsc#1236518

Cross-References:

* CVE-2023-45288

CVSS scores:

* CVE-2023-45288 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2023-45288 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability can now be installed.

## Description:

This update for ignition fixes the following issues:

CVE-2023-45288: Fixed unclosed connections when receiving too many headers in golang.org/x/net/http2 (bsc#1236518)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-295=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * ignition-debuginfo-2.17.0-150500.3.6.1
    * ignition-dracut-grub2-2.17.0-150500.3.6.1
    * ignition-2.17.0-150500.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-45288.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236518

From null at suse.de Thu Jan 30 16:30:04 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 30 Jan 2025 16:30:04 -0000
Subject: SUSE-SU-2025:0304-1: moderate: Security update for krb5
Message-ID: <173825460416.22572.2424439087846628742@smelt2.prg2.suse.org>

# Security update for krb5

Announcement ID: SUSE-SU-2025:0304-1
Release Date: 2025-01-30T14:52:22Z
Rating: moderate

References:

* bsc#1236619

Cross-References:

* CVE-2025-24528

CVSS scores:

* CVE-2025-24528 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-24528 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability can now be installed.

## Description:

This update for krb5 fixes the following issues:

* CVE-2025-24528: Fixed out-of-bounds write caused by overflow when calculating ulog block size can lead to process crash (bsc#1236619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
    zypper in -t patch SUSE-2025-304=1
* SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-304=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * krb5-debuginfo-1.20.1-150500.3.12.1
    * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.12.1
    * krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.12.1
    * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.12.1
    * krb5-plugin-preauth-spake-1.20.1-150500.3.12.1
    * krb5-mini-devel-1.20.1-150500.3.12.1
    * krb5-client-debuginfo-1.20.1-150500.3.12.1
    * krb5-debugsource-1.20.1-150500.3.12.1
    * krb5-devel-1.20.1-150500.3.12.1
    * krb5-plugin-kdb-ldap-1.20.1-150500.3.12.1
    * krb5-server-1.20.1-150500.3.12.1
    * krb5-mini-debuginfo-1.20.1-150500.3.12.1
    * krb5-plugin-preauth-otp-1.20.1-150500.3.12.1
    * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.12.1
    * krb5-1.20.1-150500.3.12.1
    * krb5-mini-1.20.1-150500.3.12.1
    * krb5-mini-debugsource-1.20.1-150500.3.12.1
    * krb5-client-1.20.1-150500.3.12.1
    * krb5-plugin-preauth-pkinit-1.20.1-150500.3.12.1
    * krb5-server-debuginfo-1.20.1-150500.3.12.1
* openSUSE Leap 15.5 (x86_64)
    * krb5-32bit-1.20.1-150500.3.12.1
    * krb5-32bit-debuginfo-1.20.1-150500.3.12.1
    * krb5-devel-32bit-1.20.1-150500.3.12.1
* openSUSE Leap 15.5 (aarch64_ilp32)
    * krb5-devel-64bit-1.20.1-150500.3.12.1
    * krb5-64bit-1.20.1-150500.3.12.1
    * krb5-64bit-debuginfo-1.20.1-150500.3.12.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * krb5-debugsource-1.20.1-150500.3.12.1
    * krb5-debuginfo-1.20.1-150500.3.12.1
    * krb5-1.20.1-150500.3.12.1

## References:

* https://www.suse.com/security/cve/CVE-2025-24528.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236619

URL: From null at suse.de Thu Jan 30 16:30:06 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 30 Jan 2025 16:30:06 -0000 Subject: SUSE-SU-2025:0303-1: important: Security update for libxml2 Message-ID: <173825460672.22572.18020745193883350914@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2025:0303-1 Release Date: 2025-01-30T14:51:20Z Rating: important References: * bsc#1236460 Cross-References: * CVE-2022-49043 CVSS scores: * CVE-2022-49043 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49043 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49043 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2022-49043: Fixed a use-after-free in xmlXIncludeAddNode. (bsc#1236460) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-303=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-303=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-303=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-303=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-303=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-303=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-303=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-303=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python-libxml2-python-debugsource-2.9.7-150000.3.73.1 * python3-libxml2-python-2.9.7-150000.3.73.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.73.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libxml2-debugsource-2.9.7-150000.3.73.1 * libxml2-tools-2.9.7-150000.3.73.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.73.1 * libxml2-tools-debuginfo-2.9.7-150000.3.73.1 * python3-libxml2-python-2.9.7-150000.3.73.1 * libxml2-2-debuginfo-2.9.7-150000.3.73.1 * python-libxml2-python-debugsource-2.9.7-150000.3.73.1 * libxml2-2-2.9.7-150000.3.73.1 * libxml2-devel-2.9.7-150000.3.73.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libxml2-2-32bit-debuginfo-2.9.7-150000.3.73.1 * libxml2-2-32bit-2.9.7-150000.3.73.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libxml2-debugsource-2.9.7-150000.3.73.1 * libxml2-tools-2.9.7-150000.3.73.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.73.1 * libxml2-tools-debuginfo-2.9.7-150000.3.73.1 * python3-libxml2-python-2.9.7-150000.3.73.1 * 
libxml2-2-debuginfo-2.9.7-150000.3.73.1 * python-libxml2-python-debugsource-2.9.7-150000.3.73.1 * libxml2-2-2.9.7-150000.3.73.1 * libxml2-devel-2.9.7-150000.3.73.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64) * libxml2-2-32bit-debuginfo-2.9.7-150000.3.73.1 * libxml2-2-32bit-2.9.7-150000.3.73.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libxml2-debugsource-2.9.7-150000.3.73.1 * libxml2-tools-2.9.7-150000.3.73.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.73.1 * libxml2-tools-debuginfo-2.9.7-150000.3.73.1 * python3-libxml2-python-2.9.7-150000.3.73.1 * libxml2-2-debuginfo-2.9.7-150000.3.73.1 * python-libxml2-python-debugsource-2.9.7-150000.3.73.1 * libxml2-2-2.9.7-150000.3.73.1 * libxml2-devel-2.9.7-150000.3.73.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libxml2-2-32bit-debuginfo-2.9.7-150000.3.73.1 * libxml2-2-32bit-2.9.7-150000.3.73.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libxml2-debugsource-2.9.7-150000.3.73.1 * libxml2-tools-2.9.7-150000.3.73.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.73.1 * libxml2-tools-debuginfo-2.9.7-150000.3.73.1 * python3-libxml2-python-2.9.7-150000.3.73.1 * libxml2-2-debuginfo-2.9.7-150000.3.73.1 * python-libxml2-python-debugsource-2.9.7-150000.3.73.1 * libxml2-2-2.9.7-150000.3.73.1 * libxml2-devel-2.9.7-150000.3.73.1 * SUSE Enterprise Storage 7.1 (x86_64) * libxml2-2-32bit-debuginfo-2.9.7-150000.3.73.1 * libxml2-2-32bit-2.9.7-150000.3.73.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libxml2-debugsource-2.9.7-150000.3.73.1 * libxml2-tools-2.9.7-150000.3.73.1 * libxml2-tools-debuginfo-2.9.7-150000.3.73.1 * libxml2-2-debuginfo-2.9.7-150000.3.73.1 * libxml2-2-2.9.7-150000.3.73.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libxml2-debugsource-2.9.7-150000.3.73.1 * libxml2-tools-2.9.7-150000.3.73.1 * libxml2-tools-debuginfo-2.9.7-150000.3.73.1 * python3-libxml2-python-2.9.7-150000.3.73.1 * 
libxml2-2-debuginfo-2.9.7-150000.3.73.1 * python-libxml2-python-debugsource-2.9.7-150000.3.73.1 * libxml2-2-2.9.7-150000.3.73.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.73.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libxml2-debugsource-2.9.7-150000.3.73.1 * libxml2-tools-2.9.7-150000.3.73.1 * libxml2-tools-debuginfo-2.9.7-150000.3.73.1 * python3-libxml2-python-2.9.7-150000.3.73.1 * libxml2-2-debuginfo-2.9.7-150000.3.73.1 * python-libxml2-python-debugsource-2.9.7-150000.3.73.1 * libxml2-2-2.9.7-150000.3.73.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.73.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49043.html * https://bugzilla.suse.com/show_bug.cgi?id=1236460 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jan 30 16:30:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 30 Jan 2025 16:30:14 -0000 Subject: SUSE-SU-2025:0302-1: moderate: Security update for google-osconfig-agent Message-ID: <173825461457.22572.15013840136872821114@smelt2.prg2.suse.org> # Security update for google-osconfig-agent Announcement ID: SUSE-SU-2025:0302-1 Release Date: 2025-01-30T14:50:41Z Rating: moderate References: * bsc#1225974 * bsc#1236406 * bsc#1236407 Cross-References: * CVE-2024-24790 CVSS scores: * CVE-2024-24790 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L * CVE-2024-24790 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * 
SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for google-osconfig-agent fixes the following issues: * Update to version 20250115.01 (bsc#1236406, bsc#1236407) * CVE-2024-24790: Bump the golang compiler version to 1.22.4 (bsc#1225974) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-302=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-302=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-302=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-302=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-302=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-302=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20250115.01-150000.1.41.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20250115.01-150000.1.41.1 * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20250115.01-150000.1.41.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20250115.01-150000.1.41.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * 
google-osconfig-agent-20250115.01-150000.1.41.1 * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20250115.01-150000.1.41.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24790.html * https://bugzilla.suse.com/show_bug.cgi?id=1225974 * https://bugzilla.suse.com/show_bug.cgi?id=1236406 * https://bugzilla.suse.com/show_bug.cgi?id=1236407 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jan 30 16:30:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 30 Jan 2025 16:30:19 -0000 Subject: SUSE-SU-2025:0301-1: important: Security update for buildah Message-ID: <173825461910.22572.14925032198119189437@smelt2.prg2.suse.org> # Security update for buildah Announcement ID: SUSE-SU-2025:0301-1 Release Date: 2025-01-30T14:50:06Z Rating: important References: * bsc#1236272 Cross-References: * CVE-2024-11218 CVSS scores: * CVE-2024-11218 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-11218 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-11218 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for buildah fixes the following issues: * Update to version 1.35.5 * CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use "src" values. (bsc#1236272) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-301=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-301=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-301=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.35.5-150500.3.25.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150500.3.25.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150500.3.25.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11218.html * https://bugzilla.suse.com/show_bug.cgi?id=1236272 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jan 30 16:30:24 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 30 Jan 2025 16:30:24 -0000 Subject: SUSE-SU-2025:0300-1: important: Security update for libxml2 Message-ID: <173825462414.22572.14752196565440609605@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2025:0300-1 Release Date: 2025-01-30T14:49:52Z Rating: important References: * bsc#1236460 Cross-References: * CVE-2022-49043 CVSS scores: * CVE-2022-49043 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49043 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49043 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2022-49043: Fixed a use-after-free in xmlXIncludeAddNode. 
    (bsc#1236460)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-300=1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-300=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libxml2-tools-2.9.4-46.78.1
    * python-libxml2-debuginfo-2.9.4-46.78.1
    * libxml2-debugsource-2.9.4-46.78.1
    * libxml2-2-2.9.4-46.78.1
    * python-libxml2-2.9.4-46.78.1
    * libxml2-devel-2.9.4-46.78.1
    * python-libxml2-debugsource-2.9.4-46.78.1
    * libxml2-tools-debuginfo-2.9.4-46.78.1
    * libxml2-2-debuginfo-2.9.4-46.78.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * libxml2-doc-2.9.4-46.78.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libxml2-2-32bit-2.9.4-46.78.1
    * libxml2-2-debuginfo-32bit-2.9.4-46.78.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libxml2-tools-2.9.4-46.78.1
    * python-libxml2-debuginfo-2.9.4-46.78.1
    * libxml2-debugsource-2.9.4-46.78.1
    * libxml2-2-32bit-2.9.4-46.78.1
    * libxml2-2-2.9.4-46.78.1
    * python-libxml2-2.9.4-46.78.1
    * libxml2-devel-2.9.4-46.78.1
    * libxml2-2-debuginfo-32bit-2.9.4-46.78.1
    * python-libxml2-debugsource-2.9.4-46.78.1
    * libxml2-tools-debuginfo-2.9.4-46.78.1
    * libxml2-2-debuginfo-2.9.4-46.78.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * libxml2-doc-2.9.4-46.78.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-49043.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236460

From null at suse.de Thu Jan 30 16:30:26 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 30 Jan 2025 16:30:26 -0000
Subject: SUSE-SU-2025:0299-1: moderate: Security update for ignition
Message-ID: <173825462622.22572.2934721080720588266@smelt2.prg2.suse.org>

# Security update for ignition

Announcement ID: SUSE-SU-2025:0299-1
Release Date: 2025-01-30T14:33:39Z
Rating: moderate
References:

  * bsc#1236518

Cross-References:

  * CVE-2023-45288

CVSS scores:

  * CVE-2023-45288 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

  * HPC Module 15-SP6
  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Server 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for ignition fixes the following issues:

CVE-2023-45288: Fixed unclosed connections when receiving too many headers in golang.org/x/net/http2 (bsc#1236518)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6
    zypper in -t patch openSUSE-SLE-15.6-2025-299=1
  * HPC Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-299=1
  * openSUSE Leap 15.4
    zypper in -t patch SUSE-2025-299=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * ignition-debuginfo-2.14.0-150400.9.6.1
    * ignition-dracut-grub2-2.14.0-150400.9.6.1
    * ignition-2.14.0-150400.9.6.1
  * HPC Module 15-SP6 (aarch64 x86_64)
    * ignition-debuginfo-2.14.0-150400.9.6.1
    * ignition-dracut-grub2-2.14.0-150400.9.6.1
    * ignition-2.14.0-150400.9.6.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * ignition-debuginfo-2.14.0-150400.9.6.1
    * ignition-dracut-grub2-2.14.0-150400.9.6.1
    * ignition-2.14.0-150400.9.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236518

From null at suse.de Thu Jan 30 16:30:29 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 30 Jan 2025 16:30:29 -0000
Subject: SUSE-SU-2025:0297-1: moderate: Security update for govulncheck-vulndb
Message-ID: <173825462953.22572.2256426179771357104@smelt2.prg2.suse.org>

# Security update for govulncheck-vulndb

Announcement ID: SUSE-SU-2025:0297-1
Release Date: 2025-01-30T14:03:41Z
Rating: moderate
References:

  * jsc#PED-11136

Cross-References:

  * CVE-2024-11218
  * CVE-2024-36402
  * CVE-2024-36403
  * CVE-2024-45336
  * CVE-2024-45339
  * CVE-2024-45340
  * CVE-2024-45341
  * CVE-2024-51491
  * CVE-2024-52281
  * CVE-2024-52594
  * CVE-2024-52602
  * CVE-2024-52791
  * CVE-2024-53263
  * CVE-2024-56138
  * CVE-2024-56323
  * CVE-2024-56515
  * CVE-2025-0377
  * CVE-2025-20033
  * CVE-2025-20086
  * CVE-2025-20088
  * CVE-2025-20621
  * CVE-2025-21088
  * CVE-2025-22149
  * CVE-2025-22445
  * CVE-2025-22449
  * CVE-2025-22865
  * CVE-2025-23028
  * CVE-2025-23047
  * CVE-2025-23208
  * CVE-2025-24030
  * CVE-2025-24337
  * CVE-2025-24354
  * CVE-2025-24355

CVSS scores:

  * CVE-2024-11218 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2024-11218 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-11218 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-36402 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-36403 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-45336 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  * CVE-2024-45339 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45339 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-45339 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2024-45340 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2024-45340 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45341 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  * CVE-2024-51491 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  * CVE-2024-52594 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-52602 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
  * CVE-2024-52791 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-53263 ( NVD ): 8.5 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-56138 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56323 ( NVD ): 5.8 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-56515 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
  * CVE-2025-0377 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-20033 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-20086 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-20088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-20621 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-22149 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-22445 ( NVD ): 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
  * CVE-2025-22449 ( NVD ): 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-22865 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-22865 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-23028 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-23028 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-23047 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-23208 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-24030 ( NVD ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
  * CVE-2025-24337 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-24354 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  * CVE-2025-24355 ( NVD ): 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

An update that solves 33 vulnerabilities and contains one feature can now be installed.

## Description:

This update for govulncheck-vulndb fixes the following issues:

  * Update to version 0.0.20250128T150132 2025-01-28T15:01:32Z.
    Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:
  * GO-2025-3409 CVE-2025-23208 GHSA-c9p4-xwr9-rfhx
  * GO-2025-3410 CVE-2025-24337 GHSA-3qc3-mx6x-267h
  * GO-2025-3413 CVE-2025-0377 GHSA-wpfp-cm49-9m9q
  * GO-2025-3414 CVE-2024-11218 GHSA-5vpc-35f4-r8w6
  * GO-2025-3415 CVE-2025-23028 GHSA-9m5p-c77c-f9j7
  * GO-2025-3416 CVE-2025-23047 GHSA-h78m-j95m-5356
  * GO-2025-3418 CVE-2025-24030 GHSA-j777-63hf-hx76
  * GO-2025-3419 CVE-2025-24355 GHSA-v34r-vj4r-38j6
  * GO-2025-3422 CVE-2025-24354
  * Update to version 0.0.20250128T004730 2025-01-28T00:47:30Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:
  * GO-2025-3372 CVE-2024-45339
  * GO-2025-3373 CVE-2024-45341
  * GO-2025-3383 CVE-2024-45340
  * GO-2025-3420 CVE-2024-45336
  * GO-2025-3421 CVE-2025-22865
  * Update to version 0.0.20250117T214834 2025-01-17T21:48:34Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:
  * GO-2025-3392 CVE-2025-20086 GHSA-5m7j-6gc4-ff5g
  * GO-2025-3393 CVE-2025-21088 GHSA-8j3q-gc9x-7972
  * GO-2025-3394 CVE-2025-20088 GHSA-45v9-w9fh-33j6
  * GO-2025-3396 CVE-2024-52594
  * GO-2025-3397 CVE-2024-36402 GHSA-8vmr-h7h5-cqhg
  * GO-2025-3398 CVE-2024-52791 GHSA-gp86-q8hg-fpxj
  * GO-2025-3399 CVE-2024-52602 GHSA-r6jg-jfv6-2fjv
  * GO-2025-3400 CVE-2024-56515 GHSA-rcxc-wjgw-579r
  * GO-2025-3401 CVE-2024-36403 GHSA-vc2m-hw89-qjxf
  * GO-2025-3407 CVE-2025-20621 GHSA-w6xh-c82w-h997
  * Update to version 0.0.20250115T172141 2025-01-15T17:21:41Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:
  * GO-2025-3381 CVE-2024-56138 GHSA-45v3-38pc-874v
  * GO-2025-3382 CVE-2024-51491 GHSA-qjh3-4j3h-vmwp
  * GO-2025-3384 CVE-2024-56323 GHSA-32q6-rr98-cjqv
  * GO-2025-3390 CVE-2024-53263 GHSA-q6r2-x2cc-vrp7
  * GO-2025-3391 CVE-2024-52281 GHSA-2v2w-8v8c-wcm9
  * Update to version 0.0.20250109T194159 2025-01-09T19:41:59Z.
    Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:
  * GO-2025-3376 CVE-2025-22149 GHSA-675f-rq2r-jw82
  * GO-2025-3377 CVE-2025-22449 GHSA-q8fg-cp3q-5jwm
  * GO-2025-3379 CVE-2025-20033 GHSA-2549-xh72-qrpm
  * GO-2025-3380 CVE-2025-22445 GHSA-7rgp-4j56-fm79

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6
    zypper in -t patch openSUSE-SLE-15.6-2025-297=1
  * SUSE Package Hub 15 15-SP6
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-297=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1
  * SUSE Package Hub 15 15-SP6 (noarch)
    * govulncheck-vulndb-0.0.20250128T150132-150000.1.29.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11218.html
  * https://www.suse.com/security/cve/CVE-2024-36402.html
  * https://www.suse.com/security/cve/CVE-2024-36403.html
  * https://www.suse.com/security/cve/CVE-2024-45336.html
  * https://www.suse.com/security/cve/CVE-2024-45339.html
  * https://www.suse.com/security/cve/CVE-2024-45340.html
  * https://www.suse.com/security/cve/CVE-2024-45341.html
  * https://www.suse.com/security/cve/CVE-2024-51491.html
  * https://www.suse.com/security/cve/CVE-2024-52281.html
  * https://www.suse.com/security/cve/CVE-2024-52594.html
  * https://www.suse.com/security/cve/CVE-2024-52602.html
  * https://www.suse.com/security/cve/CVE-2024-52791.html
  * https://www.suse.com/security/cve/CVE-2024-53263.html
  * https://www.suse.com/security/cve/CVE-2024-56138.html
  * https://www.suse.com/security/cve/CVE-2024-56323.html
  * https://www.suse.com/security/cve/CVE-2024-56515.html
  * https://www.suse.com/security/cve/CVE-2025-0377.html
  * https://www.suse.com/security/cve/CVE-2025-20033.html
  * https://www.suse.com/security/cve/CVE-2025-20086.html
  * https://www.suse.com/security/cve/CVE-2025-20088.html
  * https://www.suse.com/security/cve/CVE-2025-20621.html
  * https://www.suse.com/security/cve/CVE-2025-21088.html
  * https://www.suse.com/security/cve/CVE-2025-22149.html
  * https://www.suse.com/security/cve/CVE-2025-22445.html
  * https://www.suse.com/security/cve/CVE-2025-22449.html
  * https://www.suse.com/security/cve/CVE-2025-22865.html
  * https://www.suse.com/security/cve/CVE-2025-23028.html
  * https://www.suse.com/security/cve/CVE-2025-23047.html
  * https://www.suse.com/security/cve/CVE-2025-23208.html
  * https://www.suse.com/security/cve/CVE-2025-24030.html
  * https://www.suse.com/security/cve/CVE-2025-24337.html
  * https://www.suse.com/security/cve/CVE-2025-24354.html
  * https://www.suse.com/security/cve/CVE-2025-24355.html
  * https://jira.suse.com/browse/PED-11136

From null at suse.de Fri Jan 31 08:30:24 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 31 Jan 2025 08:30:24 -0000
Subject: SUSE-SU-2025:0306-1: moderate: Security update for ignition
Message-ID: <173831222433.22227.10874776475969306632@smelt2.prg2.suse.org>

# Security update for ignition

Announcement ID: SUSE-SU-2025:0306-1
Release Date: 2025-01-31T02:04:09Z
Rating: moderate
References:

  * bsc#1236518

Cross-References:

  * CVE-2023-45288

CVSS scores:

  * CVE-2023-45288 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves one vulnerability can now be installed.

## Description:

This update for ignition fixes the following issues:

CVE-2023-45288: Fixed unclosed connections when receiving too many headers in golang.org/x/net/http2 (bsc#1236518)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.2
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-306=1
  * SUSE Linux Enterprise Micro for Rancher 5.2
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-306=1

## Package List:

  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * ignition-dracut-grub2-2.14.0-150300.6.10.1
    * ignition-debuginfo-2.14.0-150300.6.10.1
    * ignition-2.14.0-150300.6.10.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * ignition-dracut-grub2-2.14.0-150300.6.10.1
    * ignition-debuginfo-2.14.0-150300.6.10.1
    * ignition-2.14.0-150300.6.10.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236518

From null at suse.de Fri Jan 31 16:30:04 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 31 Jan 2025 16:30:04 -0000
Subject: SUSE-SU-2025:0313-1: moderate: Security update for apptainer
Message-ID: <173834100403.22537.7687973162893259801@smelt2.prg2.suse.org>

# Security update for apptainer

Announcement ID: SUSE-SU-2025:0313-1
Release Date: 2025-01-31T15:03:56Z
Rating: moderate
References:

  * bsc#1236528

Cross-References:

  * CVE-2023-45288
  * CVE-2024-3727

CVSS scores:

  * CVE-2023-45288 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-3727 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products:

  * HPC Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Server 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for apptainer fixes the following issues:

  * CVE-2023-45288: Fixed unclosed connections when receiving too many headers in golang.org/x/net/http2 (bsc#1236528)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6
    zypper in -t patch SUSE-2025-313=1 openSUSE-SLE-15.6-2025-313=1
  * HPC Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-313=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * apptainer-sle15_7-1.3.6-150600.4.6.1
    * apptainer-sle15_5-1.3.6-150600.4.6.1
    * apptainer-leap-1.3.6-150600.4.6.1
    * apptainer-sle15_6-1.3.6-150600.4.6.1
  * openSUSE Leap 15.6 (aarch64 x86_64)
    * apptainer-1.3.6-150600.4.6.1
    * apptainer-debuginfo-1.3.6-150600.4.6.1
  * HPC Module 15-SP6 (aarch64 x86_64)
    * apptainer-1.3.6-150600.4.6.1
    * apptainer-debuginfo-1.3.6-150600.4.6.1
  * HPC Module 15-SP6 (noarch)
    * apptainer-sle15_6-1.3.6-150600.4.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://www.suse.com/security/cve/CVE-2024-3727.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236528

From null at suse.de Fri Jan 31 16:30:11 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 31 Jan 2025 16:30:11 -0000
Subject: SUSE-SU-2025:0310-1: moderate: Security update for python-pydantic
Message-ID: <173834101152.22537.17506311739332735999@smelt2.prg2.suse.org>

# Security update for python-pydantic

Announcement ID: SUSE-SU-2025:0310-1
Release Date: 2025-01-31T12:42:14Z
Rating: moderate
References:

  * bsc#1222806

Cross-References:

  * CVE-2024-3772

CVSS scores:

  * CVE-2024-3772 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP4
  * Python 3 Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-pydantic fixes the following issues:

  * CVE-2024-3772: Fixed Regular expression DoS (bsc#1222806)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4
    zypper in -t patch SUSE-2025-310=1
  * openSUSE Leap 15.6
    zypper in -t patch openSUSE-SLE-15.6-2025-310=1
  * Public Cloud Module 15-SP4
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-310=1
  * Python 3 Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-310=1

## Package List:

  * openSUSE Leap 15.4 (noarch)
    * python311-pydantic-1.10.8-150400.9.10.1
  * openSUSE Leap 15.6 (noarch)
    * python311-pydantic-1.10.8-150400.9.10.1
  * Public Cloud Module 15-SP4 (noarch)
    * python311-pydantic-1.10.8-150400.9.10.1
  * Python 3 Module 15-SP6 (noarch)
    * python311-pydantic-1.10.8-150400.9.10.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-3772.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1222806

From null at suse.de Fri Jan 31 20:30:13 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 31 Jan 2025 20:30:13 -0000
Subject: SUSE-SU-2025:0314-1: important: Security update for orc
Message-ID: <173835541395.22572.8135639763411156814@smelt2.prg2.suse.org>

# Security update for orc

Announcement ID: SUSE-SU-2025:0314-1
Release Date: 2025-01-31T16:03:47Z
Rating: important
References:

  * bsc#1228184

Cross-References:

  * CVE-2024-40897

CVSS scores:

  * CVE-2024-40897 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-40897 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for orc fixes the following issues:

  * CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files (bsc#1228184)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-314=1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-314=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * orc-debugsource-0.4.21-3.6.1
    * liborc-0_4-0-debuginfo-0.4.21-3.6.1
    * orc-debuginfo-0.4.21-3.6.1
    * liborc-0_4-0-0.4.21-3.6.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * liborc-0_4-0-32bit-0.4.21-3.6.1
    * liborc-0_4-0-debuginfo-32bit-0.4.21-3.6.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * liborc-0_4-0-0.4.21-3.6.1
    * liborc-0_4-0-debuginfo-0.4.21-3.6.1
    * liborc-0_4-0-debuginfo-32bit-0.4.21-3.6.1
    * liborc-0_4-0-32bit-0.4.21-3.6.1
    * orc-debugsource-0.4.21-3.6.1
    * orc-debuginfo-0.4.21-3.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-40897.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1228184