SUSE-SU-2024:1644-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20241644-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:1644-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:1644-1
Related
Published
2024-05-14T14:29:53Z
Modified
2024-05-14T14:29:53Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705).
  • CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
  • CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
  • CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).
  • CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
  • CVE-2024-27042: Fixed drm/amdgpu for potential out-of-bounds access in amdgpudiscoveryregbaseinit() (bsc#1223823).
  • CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in amdgpudmfini() (bsc#1223714).
  • CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree() (bsc#1223821).
  • CVE-2024-27038: Fixed clkcoreget NULL pointer dereference (bsc#1223816).
  • CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790).
  • CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
  • CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
  • CVE-2024-26993: Fixed fs/sysfs reference leak in sysfsbreakactive_protection() (bsc#1223693).
  • CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
  • CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table arrays (bsc#1223644).
  • CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table arrays (bsc#1223645).
  • CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table arrays (bsc#1223646).
  • CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table arrays (bsc#1223648).
  • CVE-2024-26960: Fixed mm/swap race between freeswapand_cache() and swapoff() (bsc#1223655).
  • CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list (bsc#1223660).
  • CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661).
  • CVE-2024-26948: Fixed drm/amd/display by adding dcstate NULL check in dcstate_release (bsc#1223664).
  • CVE-2024-26939: Fixed drm/i915/vma UAF on destroy against retire race (bsc#1223679).
  • CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch (bsc#1223525).
  • CVE-2024-26915: Fixed drm/amdgpu reset IH OVERFLOW_CLEAR bit (bsc#1223207).
  • CVE-2024-26901: Fixed dosysnametohandle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
  • CVE-2024-26898: Fixed aoe potential use-after-free problem in aoecmdcfgpkts (bsc#1223016).
  • CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042).
  • CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC transport cleanup path (bsc#1223196).
  • CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
  • CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
  • CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
  • CVE-2024-26882: Fixed net/iptunnel to make sure to pull inner header in iptunnel_rcv() (bsc#1223034).
  • CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041).
  • CVE-2024-26879: Fixed clk/meson by adding missing clocks to axgclkregmaps (bsc#1223066).
  • CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
  • CVE-2024-26876: Fixed drm/bridge/adv7511 crash on irq during probe (bsc#1223119).
  • CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spicontrollerput call (bsc#1223024).
  • CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
  • CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter (bsc#1223076).
  • CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).
  • CVE-2024-26856: Fixed use-after-free inside sparx5delmact_entry (bsc#1223052).
  • CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in icebridgesetlink() (bsc#1223051).
  • CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061).
  • CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6routempath_notify() (bsc#1223057).
  • CVE-2024-26840: Fixed a memory leak in cachefilesaddcache() (bsc#1222976).
  • CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).
  • CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012).
  • CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).
  • CVE-2024-26816: Fixed relocations in .notes section when building with CONFIGXENPV=y by ignoring them (bsc#1222624).
  • CVE-2024-26791: Fixed btrfs/dev-replace properly validate device names (bsc#1222793).
  • CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
  • CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4mbtrybestfound() (bsc#1222618).
  • CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4mbfindbygoal() (bsc#1222613).
  • CVE-2024-26766: Fixed SDMA off-by-one error in padsdmatxdescs() (bsc#1222726).
  • CVE-2024-26764: Fixed IOCBAIORW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).
  • CVE-2024-26733: Fixed an overflow in arpreqget() in arp (bsc#1222585).
  • CVE-2024-26700: Fixed drm/amd/display MST Null pointer dereference for RV (bsc#1222870).
  • CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
  • CVE-2024-26679: Fixed inet read sk->skfamily once in inetrecv_error() (bsc#1222385).
  • CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
  • CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
  • CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
  • CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).
  • CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
  • CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
  • CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
  • CVE-2024-23848: Fixed media/cec for possible use-after-free in cecqueuemsg_fh (bsc#1219104).
  • CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
  • CVE-2024-22099: Fixed a null-pointer-dereference in rfcommchecksecurity (bsc#1219170).
  • CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
  • CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfsfillsuper function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264).
  • CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctpautoasconf_init in net/sctp/socket.c (bsc#1218917).
  • CVE-2023-6270: Fixed a use-after-free issue in aoecmdcfgpkts (bsc#1218562).
  • CVE-2023-52652: Fixed NTB for possible name leak in ntbregisterdevice() (bsc#1223686).
  • CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
  • CVE-2023-52635: Fixed PM/devfreq to synchronize devfreqmonitor[start/stop] (bsc#1222294).
  • CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825).
  • CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpiecinit (bsc#1221612).
  • CVE-2023-52614: Fixed PM/devfreq buffer overflow in transstatshow (bsc#1221617).
  • CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in wfxsetmfp_ap() (bsc#1221042).
  • CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
  • CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).
  • CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084).
  • CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in amdgpurasqueryerrorstatus_helper() (bsc#1221080).
  • CVE-2022-48662: Fixed a general protection fault (GPF) in i915perfopen_ioctl (bsc#1223505).
  • CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails (bsc#1223498).
  • CVE-2022-48658: Fixed mm/slub to avoid a problem in flushcpuslab()/_freeslab() task context (bsc#1223496).
  • CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
  • CVE-2022-48642: Fixed netfilter/nftables percpu memory leak at nftables_addchain() (bsc#1223478).
  • CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in bondrrgenslaveid (bsc#1223499).
  • CVE-2022-48631: Fixed a bug in ext4, when parsing extents where ehentries == 0 and ehdepth > 0 (bsc#1223475).
  • CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in hugetlbmcopyatomic_pte() (bsc#1222710).
  • CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).
  • CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).
  • CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).
  • CVE-2021-47202: Fixed NULL pointer dereferences in ofthermal functions (bsc#1222878)
  • CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within drmgemttmmmap() and drmgemttmmmap() (bsc#1222838).
  • CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832).
  • CVE-2021-47185: Fixed a softlockup issue in flushtoldisc in tty tty_buffer (bsc#1222669).
  • CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).

The following non-security bugs were fixed:

  • ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).
  • ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).
  • ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
  • ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
  • ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
  • ALSA: hda: intel-sdw-acpi: fix usage of devicegetnamedchildnode() (git-fixes).
  • ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).
  • ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).
  • ALSA: scarlett2: Add correct product series name to messages (stable-fixes).
  • ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
  • ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
  • ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
  • ASoC: meson: axg-card: make links nonatomic (git-fixes).
  • ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
  • ASoC: meson: cards: select SNDDYNAMICMINORS (git-fixes).
  • ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
  • ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
  • ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
  • Bluetooth: Add new quirk for broken read key length on ATS2851 (git-fixes).
  • Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
  • Bluetooth: Fix memory leak in hcireqsync_complete() (git-fixes).
  • Bluetooth: Fix type of len in {l2cap,sco}sockgetsockopt_old() (stable-fixes).
  • Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
  • Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
  • Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
  • Bluetooth: add quirk for broken address properties (git-fixes).
  • Bluetooth: btintel: Fix null ptr deref in btintelreadversion (stable-fixes).
  • Bluetooth: btintel: Fixe build regression (git-fixes).
  • Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).
  • Bluetooth: hcievent: Fix sending HCIOPREADENCKEYSIZE (git-fixes).
  • Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).
  • Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
  • Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
  • Documentation: Add missing documentation for EXPORT_OP flags (stable-fixes).
  • HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes).
  • HID: logitech-dj: allow mice to use all types of reports (git-fixes).
  • HID: uhid: Use READONCE()/WRITEONCE() for ->running (stable-fixes).
  • Input: allocate keycode for Display refresh rate toggle (stable-fixes).
  • Input: synaptics-rmi4 - fail probing if memory allocation for 'phys' fails (stable-fixes).
  • NFC: trf7970a: disable all regulators on removal (git-fixes).
  • PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).
  • RDMA/cm: Print the old state when cmdestroyid gets timeout (git-fixes).
  • Reapply 'drm/qxl: simplify qxlfencewait' (stable-fixes).
  • Revert 'ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default' (stable-fixes).
  • Revert 'drm/qxl: simplify qxlfencewait' (git-fixes).
  • Revert 'ice: Fix ice VF reset during iavf initialization (jsc#PED-376).' (bsc#1223275)
  • Revert 'usb: cdc-wdm: close race between read and workqueue' (git-fixes).
  • Revert 'usb: phy: generic: Get the vbus supply' (git-fixes).
  • USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).
  • USB: core: Add hubget() and hubput() routines (git-fixes).
  • USB: core: Fix access violation during port device removal (git-fixes).
  • USB: core: Fix deadlock in port 'disable' sysfs attribute (git-fixes).
  • USB: serial: add device ID for VeriFone adapter (stable-fixes).
  • USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
  • USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).
  • USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).
  • USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
  • USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
  • USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
  • USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).
  • USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
  • USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
  • USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
  • nfsd: Fixed mount kerberized nfs4 share issue (git-fixes bsc#1223858).
  • s390: Fixed kernel backtrack (bsc#1141539 git-fixes).
  • nfsd: Fixed mount issue with KOTD (bsc#1223380 bsc#1217408 bsc#1223640).
  • s390: Fixed LPM of lpar failure with error HSCLA2CF in 19th loops (jsc#PED-542 git-fixes bsc#1213573 ltc#203238).
  • ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
  • ahci: asm1064: correct count of reported ports (stable-fixes).
  • arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
  • arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
  • arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
  • arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
  • arm64: dts: rockchip: enable internal pull-up on Q7USBID for RK3399 (git-fixes)
  • arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
  • arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
  • arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
  • ax25: fix use-after-free bugs caused by ax25dsdel_timer (git-fixes).
  • batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
  • clk: Get runtime PM before walking tree during disable_unused (git-fixes).
  • clk: Initialize struct clk_core kref earlier (stable-fixes).
  • clk: Mark 'all_lists' as const (stable-fixes).
  • clk: Print an info line before disabling unused clocks (stable-fixes).
  • clk: Remove preparelock hold assertion in _clk_release() (git-fixes).
  • clk: remove extra empty line (stable-fixes).
  • comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
  • dma: xilinx_dpdma: Fix locking (git-fixes).
  • dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
  • dmaengine: owl: fix register access functions (git-fixes).
  • dmaengine: tegra186: Fix residual calculation (git-fixes).
  • docs: Document the FANFSERROR event (stable-fixes).
  • drm-print: add drmdbgdriver to improve namespace symmetry (stable-fixes).
  • drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).
  • drm/amd/display: Fix nanosec stat overflow (stable-fixes).
  • drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
  • drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
  • drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
  • drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
  • drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
  • drm/amdgpu: always force full reset for SOC21 (stable-fixes).
  • drm/amdgpu: fix incorrect active rb bitmap for gfx11 (stable-fixes).
  • drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
  • drm/amdgpu: once more fix the call oder in amdgputtmmove() v2 (git-fixes).
  • drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).
  • drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
  • drm/ast: Fix soft lockup (git-fixes).
  • drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-fixes).
  • drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).
  • drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
  • drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
  • drm/msm/dp: fix typo in dpdisplayhandleportstatus_changed() (git-fixes).
  • drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834)
  • drm/panel: ili9341: Respect deferred probe (git-fixes).
  • drm/panel: ili9341: Use predefined error codes (git-fixes).
  • drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
  • drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
  • drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
  • drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
  • drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
  • drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
  • drm: nv04: Fix out of bounds access (git-fixes).
  • drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
  • drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go (stable-fixes).
  • dumpstack: Do not get cpusync for panic CPU (bsc#1223574).
  • fbdev: fix incorrect address computation in deferred IO (git-fixes).
  • fbdev: viafb: fix typo in hwbitblt1 and hwbitblt2 (stable-fixes).
  • fbmon: prevent division by zero in fbvideomodefrom_videomode() (stable-fixes).
  • fuse: do not unhash root (bsc#1223951).
  • fuse: fix root lookup with nonzero generation (bsc#1223950).
  • hwmon: (amc6821) add of_match table (stable-fixes).
  • i2c: pxa: hide unused icr_bits[] variable (git-fixes).
  • i2c: smbus: fix NULL function pointer dereference (git-fixes).
  • i40e: Fix VF MAC filter removal (git-fixes).
  • idma64: Do not try to serve interrupts when device is powered off (git-fixes).
  • iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
  • iio:imu: adis16475: Fix sync mode setting (git-fixes).
  • init/main.c: Fix potential staticcommandline memory overflow (git-fixes).
  • ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes).
  • irqchip/gic-v3-its: Prevent double free on error (git-fixes).
  • kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
  • livepatch: Fix missing newline character in klpresolvesymbols() (bsc#1223539).
  • media: cec: core: remove length check of Timer Status (stable-fixes).
  • media: sta2x11: fix irq handler cast (stable-fixes).
  • mei: me: add arrow lake point H DID (stable-fixes).
  • mei: me: add arrow lake point S DID (stable-fixes).
  • mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
  • mm/vmscan: make sure wakeup_kswapd with managed zone (bsc#1223473).
  • mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
  • mtd: diskonchip: work around ubsan link failure (stable-fixes).
  • net: bridge: vlan: fix memory leak in _allowedingress (git-fixes).
  • net: fix a memleak when uncloning an skb dst and its metadata (git-fixes).
  • net: fix skb leak in _skbtstamp_tx() (git-fixes).
  • net: ipv6: ensure we call ipv6mcdown() at most once (git-fixes).
  • net: mld: fix reference count leak in mld{query | report}work() (git-fixes).
  • net: stream: purge skerrorqueue in skstreamkill_queues() (git-fixes).
  • net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).
  • net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
  • net: vlan: fix underflow for the real_dev refcnt (git-fixes).
  • net: vmxnet3: Fix NULL pointer dereference in vmxnet3rqrx_complete() (bsc#1223360).
  • netfilter: br_netfilter: Drop dst references before setting (git-fixes).
  • netfilter: iptCLUSTERIP: fix refcount leak in clusteriptg_check() (git-fixes).
  • netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).
  • nfsd: use _fputsync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).
  • nilfs2: fix OOB in nilfssetde_type (git-fixes).
  • nilfs2: fix OOB in nilfssetde_type (git-fixes).
  • nouveau: fix function cast warning (git-fixes).
  • nouveau: fix instmem race condition around ptr stores (git-fixes).
  • phy: tegra: xusb: Add API to retrieve the port number of phy (stable-fixes).
  • pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).
  • platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-fixes).
  • platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).
  • powerpc/kasan: Do not instrument non-maskable or raw interrupts (bsc#1223191).
  • powerpc/rtas: define pr_fmt and convert printk call sites (bsc#1223369 ltc#205888).
  • powerpc/rtas: export rtaserrorrc() for reuse (bsc#1223369 ltc#205888).
  • powerpc: Avoid nmienter/nmiexit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).
  • powerpc: Refactor verification of MSR_RI (bsc#1223191).
  • printk: Add thiscpuin_panic() (bsc#1223574).
  • printk: Adjust mapping for 32bit seq macros (bsc#1223574).
  • printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1223574).
  • printk: Disable passing console lock owner completely during panic() (bsc#1223574).
  • printk: Drop console_sem during panic (bsc#1223574).
  • printk: Rename abandonconsolelockinpanic() to othercpuin_panic() (bsc#1223574).
  • printk: Use prbfirstseq() as base for 32bit seq macros (bsc#1223574).
  • printk: Wait for all reserved records with pr_flush() (bsc#1223574).
  • printk: nbcon: Relocate 32bit seq macros (bsc#1223574).
  • printk: ringbuffer: Clarify special lpos values (bsc#1223574).
  • printk: ringbuffer: Cleanup reader terminology (bsc#1223574).
  • printk: ringbuffer: Do not skip non-finalized records with prbnextseq() (bsc#1223574).
  • printk: ringbuffer: Improve prbnextseq() performance (bsc#1223574).
  • printk: ringbuffer: Skip non-finalized records in panic (bsc#1223574).
  • pstore/zone: Add a null pointer check to the pszkmsgread (stable-fixes).
  • ring-buffer: Only update pages_touched when a new page is touched (git-fixes).
  • ring-buffer: use READONCE() to read cpubuffer->commit_page in concurrent environment (git-fixes).
  • s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223875).
  • s390/decompressor: fix misaligned symbol build error (git-fixes bsc#1223785).
  • s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223877).
  • s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223878).
  • s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223879).
  • s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784).
  • s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223876).
  • s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598).
  • s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223595).
  • serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
  • serial: core: Provide port lock wrappers (stable-fixes).
  • serial: core: fix kernel-doc for uartportunlock_irqrestore() (git-fixes).
  • serial: mxs-auart: add spinlock around changing cts state (git-fixes).
  • slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
  • speakup: Avoid crash on very long word (git-fixes).
  • speakup: Fix 8bit characters from direct synth (git-fixes).
  • spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs (git-fixes).
  • tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp (git-fixes).
  • thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
  • thunderbolt: Fix wake configurations after device unplug (stable-fixes).
  • tracing/netsched: Fix tracepoints that save qdiscdev() as a string (git-fixes).
  • tracing: Show size of requested perf buffer (git-fixes).
  • usb: Disable USB3 LPM at shutdown (stable-fixes).
  • usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (git-fixes).
  • usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
  • usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
  • usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
  • usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).
  • usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).
  • usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (git-fixes).
  • usb: ohci: Prevent missed ohci interrupts (git-fixes).
  • usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).
  • usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
  • usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).
  • usb: typec: tcpm: unregister existing source caps before re-registration (bsc#1220569).
  • usb: typec: ucsi: Ack unsupported commands (stable-fixes).
  • usb: typec: ucsi: Clear UCSICCIRESET_COMPLETE before reset (stable-fixes).
  • usb: typec: ucsi: Fix connector check on init (git-fixes).
  • usb: udc: remove warning when queue disabled ep (stable-fixes).
  • virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223949).
  • wifi: ath9k: fix LNA selection in athanttry_scan() (stable-fixes).
  • wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).
  • wifi: iwlwifi: mvm: return uid from iwlmvmbuildscancmd (git-fixes).
  • wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).
  • wifi: nl80211: do not free NULL coalescing rule (git-fixes).
  • x86/bugs: Cache the value of MSRIA32ARCH_CAPABILITIES (git-fixes).
  • x86/bugs: Fix BHI documentation (git-fixes).
  • x86/bugs: Fix BHI handling of RRSBA (git-fixes).
  • x86/bugs: Fix BHI retpoline check (git-fixes).
  • x86/bugs: Fix return type of spectrebhistate() (git-fixes).
  • x86/bugs: Rename various 'ia32cap' variables to 'x86archcapmsr' (git-fixes).
  • x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).
  • x86/mm: Ensure input to pfntokaddr() is treated as a 64-bit type (jsc#PED-7167 git-fixes).
  • x86/sev: Skip ROM range scans and validation for SEV-SNP guests (jsc#PED-7167 git-fixes).
  • xfrm6: fix inet6_dev refcount underflow problem (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Module for Public Cloud 15 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
purl:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.51.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-devel": "5.14.21-150500.33.51.1",
            "kernel-devel-azure": "5.14.21-150500.33.51.1",
            "kernel-syms-azure": "5.14.21-150500.33.51.1",
            "kernel-source-azure": "5.14.21-150500.33.51.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
purl:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.51.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-devel": "5.14.21-150500.33.51.1",
            "kernel-devel-azure": "5.14.21-150500.33.51.1",
            "kernel-syms-azure": "5.14.21-150500.33.51.1",
            "kernel-source-azure": "5.14.21-150500.33.51.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
purl:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.51.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-devel": "5.14.21-150500.33.51.1",
            "kernel-devel-azure": "5.14.21-150500.33.51.1",
            "kernel-syms-azure": "5.14.21-150500.33.51.1",
            "kernel-source-azure": "5.14.21-150500.33.51.1"
        }
    ]
}

openSUSE:Leap 15.5 / kernel-azure

Package

Name
kernel-azure
Purl
purl:rpm/suse/kernel-azure&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.51.1

Ecosystem specific

{
    "binaries": [
        {
            "ocfs2-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-devel-azure": "5.14.21-150500.33.51.1",
            "dlm-kmp-azure": "5.14.21-150500.33.51.1",
            "cluster-md-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-extra": "5.14.21-150500.33.51.1",
            "gfs2-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-optional": "5.14.21-150500.33.51.1",
            "kernel-azure-devel": "5.14.21-150500.33.51.1",
            "kernel-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-vdso": "5.14.21-150500.33.51.1",
            "kselftests-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-syms-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-livepatch-devel": "5.14.21-150500.33.51.1",
            "reiserfs-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-source-azure": "5.14.21-150500.33.51.1"
        }
    ]
}

openSUSE:Leap 15.5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
purl:rpm/suse/kernel-source-azure&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.51.1

Ecosystem specific

{
    "binaries": [
        {
            "ocfs2-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-devel-azure": "5.14.21-150500.33.51.1",
            "dlm-kmp-azure": "5.14.21-150500.33.51.1",
            "cluster-md-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-extra": "5.14.21-150500.33.51.1",
            "gfs2-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-optional": "5.14.21-150500.33.51.1",
            "kernel-azure-devel": "5.14.21-150500.33.51.1",
            "kernel-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-vdso": "5.14.21-150500.33.51.1",
            "kselftests-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-syms-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-livepatch-devel": "5.14.21-150500.33.51.1",
            "reiserfs-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-source-azure": "5.14.21-150500.33.51.1"
        }
    ]
}

openSUSE:Leap 15.5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
purl:rpm/suse/kernel-syms-azure&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.51.1

Ecosystem specific

{
    "binaries": [
        {
            "ocfs2-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-devel-azure": "5.14.21-150500.33.51.1",
            "dlm-kmp-azure": "5.14.21-150500.33.51.1",
            "cluster-md-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-extra": "5.14.21-150500.33.51.1",
            "gfs2-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-optional": "5.14.21-150500.33.51.1",
            "kernel-azure-devel": "5.14.21-150500.33.51.1",
            "kernel-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-vdso": "5.14.21-150500.33.51.1",
            "kselftests-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-syms-azure": "5.14.21-150500.33.51.1",
            "kernel-azure-livepatch-devel": "5.14.21-150500.33.51.1",
            "reiserfs-kmp-azure": "5.14.21-150500.33.51.1",
            "kernel-source-azure": "5.14.21-150500.33.51.1"
        }
    ]
}