SUSE-SU-2024:3209-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20243209-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:3209-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:3209-1
Related
Published
2024-09-11T15:39:03Z
Modified
2024-09-11T15:39:03Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
  • CVE-2024-36936: Touch soft lockup during memory accept (bsc#1225773).
  • CVE-2022-48706: Do proper cleanup if IFCVF init fails (bsc#1225524).
  • CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
  • CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
  • CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
  • CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326).
  • CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759).
  • CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315).
  • CVE-2024-43900: Avoid use-after-free in loadfirmwarecb() (bsc#1229756).
  • CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792).
  • CVE-2024-44939: Fix null ptr deref in dtInsertEntry (bsc#1229820).
  • CVE-2024-41087: Fix double free on error (bsc#1228466).
  • CVE-2024-42277: Avoid NULL deref in sprdiommuhw_en (bsc#1229409).
  • CVE-2024-43902: Add null checker before passing variables (bsc#1229767).
  • CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768)
  • CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481).
  • CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
  • CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
  • CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658).
  • CVE-2023-52906: Fix warning during failed attribute validation (bsc#1229527).
  • CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
  • CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495).
  • CVE-2024-26812: struct virqfd kABI workaround (bsc#1222808).
  • CVE-2022-48912: Fix use-after-free in _nfregisternethook() (bsc#1229641)
  • CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720).
  • CVE-2022-48906: Correctly set DATA_FIN timeout when number of retransmits is large (bsc#1229605)
  • CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733).
  • CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722).
  • CVE-2023-52899: Add exception protection processing for vd in axichanhandle_err function (bsc#1229569).
  • CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
  • CVE-2024-26631: Fix data-race in ipv6mcdown / mldifcwork (bsc#1221630).
  • CVE-2024-43873: Always initialize seqpacket_allow (bsc#1229488)
  • CVE-2024-40905: Fix possible race in _fib6droppcpufrom() (bsc#1227761)
  • CVE-2024-39489: Fix memleak in seg6hmacinit_algo (bsc#1227623)
  • CVE-2021-47106: Fix use-after-free in nftsetcatchall_destroy() (bsc#1220962)
  • CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225428).
  • CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874)
  • CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427).
  • CVE-2024-27079: Fix NULL domain on device release (bsc#1223742).
  • CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510).
  • CVE-2024-27403: Restore const specifier in flowoffloadroute_init() (bsc#1224415).
  • CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803).
  • CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290).
  • CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335).
  • CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967).
  • CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
  • CVE-2024-27016: Validate pppoe header (bsc#1223807).
  • CVE-2024-35945: Prevent nullptr exceptions on ISR (bsc#1224639).
  • CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877).
  • CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578).
  • CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297).
  • CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374).
  • CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391).
  • CVE-2024-43834: Fix invalid wait context of pagepooldestroy() (bsc#1229314)
  • CVE-2024-36286: Acquire rcureadlock() in instancedestroyrcu() (bsc#1226801)
  • CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074)
  • CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727).
  • CVE-2024-26677: Blacklist e7870cf13d20 (' Fix delayed ACKs to not set the reference serial number') (bsc#1222387)
  • CVE-2024-36009: Blacklist 467324bcfe1a ('ax25: Fix netdev refcount issue') (bsc#1224542)
  • CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582).
  • CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388)
  • CVE-2024-42284: Return non-zero value from tipcudpaddr2str() on error (bsc#1229382)
  • CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383)
  • CVE-2024-42312: Always initialize iuid/igid (bsc#1229357)
  • CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345)
  • CVE-2024-42322: Properly dereference pe in ipvsadd_service (bsc#1229347)
  • CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407).
  • CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351).
  • CVE-2024-26669: Fix chain template offload (bsc#1222350).
  • CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287).
  • CVE-2022-48645: Move enetcsetpsfp() out of the common enetcsetfeatures() (bsc#1223508).
  • CVE-2024-41007: Use signed arithmetic in tcprtxprobe0timedout() (bsc#1227863).
  • CVE-2024-36933: Use correct macoffset to unwind gso skb in nshgso_segment() (bsc#1225832).
  • CVE-2024-42295: Handle inconsistent state in nilfsbtnodecreate_block() (bsc#1229370).
  • CVE-2024-42319: Move devmmboxcontrollerregister() after devmpmruntimeenable() (bsc#1229350).
  • CVE-2024-43860: Skip over memory region when node value is NULL (bsc#1229319).
  • CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309).
  • CVE-2024-43849: Protect locator_addr with the main mutex (bsc#1229307).
  • CVE-2024-43841: Do not use strlen() in const context (bsc#1229304).
  • CVE-2024-43839: Adjust 'name' buf size of bnatcb and bnaccb structures (bsc#1229301).
  • CVE-2024-41088: Fix infinite loop when xmit fails (bsc#1228469).
  • CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386).
  • CVE-2024-42271: Fixed a use after free in iucvsockclose(). (bsc#1229400)
  • CVE-2024-41080: Fix possible deadlock in ioregisteriowqmaxworkers() (bsc#1228616).
  • CVE-2024-42246: Remap EPERM in case of connection failure in xstcpsetup_socket (bsc#1228989).
  • CVE-2024-42232: Fixed a race between delayedwork() and cephmonc_stop(). (bsc#1228959)
  • CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372).
  • CVE-2024-42106: Initialize pad field in struct inetdiagreq_v2 (bsc#1228493).
  • CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
  • CVE-2024-42110: Move ntbnetdevrxhandler() to call netifrx() from _netifrx() (bsc#1228501).
  • CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988).
  • CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065).
  • CVE-2023-52498: Fix possible deadlocks in core system-wide PM code (bsc#1221269).
  • CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579).
  • CVE-2022-48808: Fix panic when DSA master device unbinds on shutdown (bsc#1227958).
  • CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446).
  • CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929).
  • CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494).
  • CVE-2024-42139: Fix improper extts handling (bsc#1228503).
  • CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
  • CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491).
  • CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706).
  • CVE-2024-42082: Remove WARN() from _xdpregmemmodel() (bsc#1228482).
  • CVE-2024-41042: Prefer nftchainvalidate (bsc#1228526).
  • CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213580).
  • CVE-2024-42228: Using uninitialized value *size when calling amdgpuvcecs_reloc (bsc#1228667).
  • CVE-2024-40995: Fix possible infinite loop in tcfidrcheck_alloc() (bsc#1227830).
  • CVE-2024-38602: Merge repeat codes in ax25devdevice_down() (bsc#1226613).
  • CVE-2024-38554: Fix reference count leak issue of net_device (bsc#1226742).
  • CVE-2024-36929: Reject skbcopy(expand) for fraglist GSO skbs (bsc#1225814).
  • CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020).
  • CVE-2024-27024: Fix WARNING in rdsconnconnectifdown (bsc#1223777).

The following non-security bugs were fixed:

  • ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).
  • ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).
  • ACPI: bus: Rework system-level device notification handling (git-fixes).
  • ACPI: thermal: Drop nocrt parameter (git-fixes).
  • ACPI: x86: s2idle: Post-increment variables when getting constraints (git-fixes).
  • afs: Do not cross .backup mountpoint from backup volume (git-fixes).
  • ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
  • ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
  • ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
  • ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git-fixes).
  • ALSA: line6: Fix racy access to midibuf (stable-fixes).
  • ALSA: timer: Relax start tick time check for slave timer elements (git-fixes).
  • ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable-fixes).
  • ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
  • ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes).
  • ALSA: usb: Fix UBSAN warning in parseaudiounit() (stable-fixes).
  • arm64: ACPI: NUMA: initialize all values of acpiearlynode_map to (git-fixes)
  • arm64: ACPI: NUMA: initialize all values of acpiearlynode_map to (git-fixes)
  • arm64: Add Neoverse-V2 part (git-fixes)
  • arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes)
  • arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes)
  • arm64: barrier: Restore spec_bar() macro (git-fixes)
  • arm64: cpufeature: Add missing .field_width for GIC system registers (git-fixes)
  • arm64: cpufeature: Fix the visibility of compat hwcaps (git-fixes)
  • arm64: cpufeature: Force HWCAP to be based on the sysreg visible to (git-fixes)
  • arm64: cputype: Add Cortex-A720 definitions (git-fixes)
  • arm64: cputype: Add Cortex-A725 definitions (git-fixes)
  • arm64: cputype: Add Cortex-X1C definitions (git-fixes)
  • arm64: cputype: Add Cortex-X3 definitions (git-fixes)
  • arm64: cputype: Add Cortex-X4 definitions (git-fixes)
  • arm64: cputype: Add Cortex-X925 definitions (git-fixes)
  • arm64: cputype: Add Neoverse-V3 definitions (git-fixes)
  • arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes)
  • arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes)
  • arm64: errata: Expand speculative SSBS workaround (again) (git-fixes)
  • arm64: errata: Expand speculative SSBS workaround (git-fixes)
  • arm64: errata: Unify speculative SSBS errata logic (git-fixes) Also update default configuration.
  • arm64: Fix KASAN random tag seed initialization (git-fixes)
  • arm64: Fix KASAN random tag seed initialization (git-fixes)
  • ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
  • ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
  • ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
  • async: Introduce asyncscheduledev_nocall() (bsc#1221269).
  • async: Split asyncschedulenode_domain() (bsc#1221269).
  • Bluetooth: Fix usage of _hcicmdsyncstatus (git-fixes).
  • Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes).
  • Bluetooth: l2cap: always unlock channel in l2capconlesschannel() (git-fixes).
  • Bluetooth: L2CAP: Fix deadlock (git-fixes).
  • bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903).
  • bpf: kprobe: remove unused declaring of bpfkprobeoverride (git-fixes).
  • btrfs: fix leak of qgroup extent records after transaction abort (git-fixes).
  • btrfs: make btrfsdestroydelayed_refs() return void (git-fixes).
  • btrfs: remove unnecessary prototype declarations at disk-io.c (git-fixes).
  • btrfs: sysfs: update fs features directory asynchronously (bsc#1226168).
  • cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229418).
  • ceph: issue a cap release immediately if no cap exists (bsc#1225162).
  • ceph: periodically flush the cap releases (bsc#1225162).
  • cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
  • cpuidle, ACPI: Evaluate LPI arch_flags for broadcast timer (git-fixes).
  • docs: KVM: Fix register ID of SPSR_FIQ (git-fixes).
  • drm: add missing MODULE_DESCRIPTION() macros (stable-fixes).
  • drm: panel-orientation-quirks: Add labels for both Valve Steam Deck revisions (stable-fixes).
  • drm: panel-orientation-quirks: Add quirk for Aya Neo KUN (stable-fixes).
  • drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Tab 3 X90F (stable-fixes).
  • drm: panel-orientation-quirks: Add quirk for Nanote UMPC-01 (stable-fixes).
  • drm: panel-orientation-quirks: Add quirk for OrangePi Neo (stable-fixes).
  • drm/amd/amdgpu/imuv110: Increase buffer size to ensure all possible values can be stored (stable-fixes).
  • drm/amd/display: Add NULL check for 'afb' before dereferencing in amdgpudmplanehandlecursor_update (stable-fixes).
  • drm/amd/display: avoid using null object of framebuffer (git-fixes).
  • drm/amd/display: Fix && vs || typos (git-fixes).
  • drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable-fixes).
  • drm/amd/display: Validate hwpointsnum before using it (stable-fixes).
  • drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable-fixes).
  • drm/amdgpu: Actually check flags for all context ops (stable-fixes).
  • drm/amdgpu: Add lock around VF RLCG interface (stable-fixes).
  • drm/amdgpu: fix dereference null return value for the function amdgpuvmpt_parent (stable-fixes).
  • drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes).
  • drm/amdgpu: Validate TA binary size (stable-fixes).
  • drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes).
  • drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes).
  • drm/amdgpu/pm: Fix the null pointer dereference in applystateadjust_rules (stable-fixes).
  • drm/amdgpu/pm: Fix the param type of setpowerprofile_mode (stable-fixes).
  • drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes).
  • drm/bridge: tc358768: Attempt to fix DSI horizontal timings (stable-fixes).
  • drm/client: fix null pointer dereference in drmclientmodeset_probe (git-fixes).
  • drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes).
  • drm/lima: set gp bus_stop bit before hard reset (stable-fixes).
  • drm/msm/dp: reset the link phy params before link training (git-fixes).
  • drm/msm/dpu: cleanup FB if dpuformatpopulate_layout fails (git-fixes).
  • drm/msm/dpu: do not play tricks with debug macros (git-fixes).
  • drm/tegra: Zero-initialize iosys_map (stable-fixes).
  • exfat: fix inode->i_blocks for non-512 byte sector size device (git-fixes).
  • exfat: fix potential deadlock on _exfatgetdentryset (git-fixes).
  • exfat: redefine DIR_DELETED as the bad cluster number (git-fixes).
  • exfat: support dynamic allocate bh for exfatentryset_cache (git-fixes).
  • fs/netfs/fscachecookie: add missing 'naccesses' check (bsc#1229453).
  • fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
  • genirq: Add mightsleep() to disableirq() (git-fixes).
  • genirq: Always limit the affinity to online CPUs (git-fixes).
  • genirq: Do not return error on missing optional irqrequestresources() (git-fixes).
  • genirq: Take the proposed affinity at face value if force==true (git-fixes).
  • genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git-fixes).
  • genirq/genericchip: Make irqremovegenericchip() irqdomain aware (git-fixes).
  • genirq/ipi: Fix NULL pointer deref in irqdatagetaffinitymask() (git-fixes).
  • genirq/irqdesc: Do not try to remove non-existing sysfs files (git-fixes).
  • genirq/matrix: Exclude managed interrupts in irqmatrixallocated() (git-fixes).
  • genirq/msi: Shutdown managed interrupts with unsatifiable affinities (git-fixes).
  • gsskrb5: Fix the error handling path for cryptosyncskciphersetkey (git-fixes).
  • hfs: fix to initialize fields of hfsinodeinfo after hfsallocinode() (git-fixes).
  • i2c: smbus: Improve handling of stuck alerts (git-fixes).
  • i2c: smbus: Send alert notifications to all devices if source not found (git-fixes).
  • iommu/amd: Convert comma to semicolon (git-fixes).
  • ip6_tunnel: Fix broken GRO (bsc#1229444).
  • ipv6: sr: fix incorrect unregister order (git-fixes).
  • irqdomain: Drop bogus fwspec-mapping error handling (git-fixes).
  • irqdomain: Fix association race (git-fixes).
  • irqdomain: Fix disassociation race (git-fixes).
  • irqdomain: Fix domain registration race (git-fixes).
  • irqdomain: Fix mapping-creation race (git-fixes).
  • irqdomain: Fixed unbalanced fwnode get and put (git-fixes).
  • irqdomain: Look for existing mapping only once (git-fixes).
  • irqdomain: Refactor _irqdomainallocirqs() (git-fixes).
  • irqdomain: Report irq number for NOMAP domains (git-fixes).
  • kprobes: Fix to check symbol prefixes correctly (git-fixes).
  • lockd: move from strlcpy with unused retval to strscpy (git-fixes).
  • memcg: protect concurrent access to memcgroupidr (git-fixes).
  • mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
  • mm: prevent derefencing NULL ptr in pfnsectionvalid() (git-fixes).
  • mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes).
  • mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes).
  • net: ks8851: Fix another TX stall caused by wrong ISR flag handling (git-fixes).
  • net: ks8851: Fix deadlock with the SPI chip variant (git-fixes).
  • net: ks8851: Fix potential TX stall after interface reopen (git-fixes).
  • net: ks8851: Fix TX stall caused by TX buffer overrun (gix-fixes).
  • net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530).
  • net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154).
  • net: mana: Fix race of manahwcpostrxwqe and new hwc response (git-fixes).
  • net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086).
  • net: remove two BUG() from skbchecksumhelp() (bsc#1229312).
  • net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes).
  • net/rds: fix possible cp null dereference (git-fixes).
  • net/sched: initialize noop_qdisc owner (git-fixes).
  • nfc: pn533: Add poll mod list filling check (git-fixes).
  • nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes).
  • nfs: make the rpc_stat per net namespace (git-fixes).
  • NFSD: add posix ACLs to struct nfsd_attrs (git-fixes).
  • NFSD: add security label to struct nfsd_attrs (git-fixes).
  • NFSD: fix regression with setting ACLs (git-fixes).
  • NFSD: Fix strncpy() fortify warning (git-fixes).
  • NFSD: Increase NFSDMAXOPSPERCOMPOUND (git-fixes).
  • NFSD: introduce struct nfsd_attrs (git-fixes).
  • NFSD: move from strlcpy with unused retval to strscpy (git-fixes).
  • NFSD: Optimize DRC bucket pruning (git-fixes).
  • nfsd: return error if nfs4_setacl fails (git-fixes).
  • NFSD: set attributes when creating symlinks (git-fixes).
  • nfsd: use locksinodecontext helper (git-fixes).
  • nilfs2: Remove check for PageError (git-fixes).
  • nvme_core: scan namespaces asynchronously (bsc#1224105).
  • ocfs2: use coarse time for new created files (git-fixes).
  • padata: Fix possible divide-by-0 panic in padatamthelper() (git-fixes).
  • perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git-fixes).
  • platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779).
  • platform/x86/amd/hsmp: Cache pcidev in struct hsmpsocket (jsc#PED-8779).
  • platform/x86/amd/hsmp: Change devmkzalloc() to devmkcalloc() (jsc#PED-8779).
  • platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779).
  • platform/x86/amd/hsmp: Check numsockets against MAXAMD_SOCKETS (jsc#PED-8779).
  • platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779).
  • platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779).
  • platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779).
  • platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779).
  • platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779).
  • platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779).
  • platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779).
  • platform/x86/amd/hsmp: switch to use deviceaddgroups() (jsc#PED-8779).
  • power: supply: axp288charger: Fix constantcharge_voltage writes (git-fixes).
  • power: supply: axp288charger: Round constantcharge_voltage writes down (git-fixes).
  • powerpc: Fail build if using recordmcount with binutils v2.37 (bsc#1194869).
  • powerpc: Mark .opd section read-only (bsc#1194869).
  • powerpc: use generic version of archiskernelinitmemfreed() (bsc#1194869).
  • powerpc: xor_vmx: Add '-mhard-float' to CFLAGS (bsc#1194869).
  • powerpc/64: Set IOBASE to POISONPOINTERDELTA not 0 for CONFIG_PCI=n (bsc#1194869).
  • powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869).
  • powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869).
  • powerpc/kexec: make the updatecpusnode() function public (bsc#1194869).
  • powerpc/kexec: split CONFIGKEXECFILE and CONFIGCRASHDUMP (bsc#1194869).
  • powerpc/pseries: Add failure related checks for hgetmpp and hgetppp (bsc#1194869).
  • powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869).
  • powerpc/radix: Move some functions into #ifdef CONFIGKVMBOOK3SHVPOSSIBLE (bsc#1194869).
  • powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
  • powerpc/xmon: Check cpu id in commands 'c#', 'dp#' and 'dx#' (bsc#1194869).
  • RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes).
  • RDMA/rxe: Fix incomplete state save in rxe_requester (git-fixes)
  • RDMA/rxe: Fix rxemodifysrq (git-fixes)
  • RDMA/rxe: Handle zero length rdma (git-fixes)
  • RDMA/rxe: Move work queue code to subroutines (git-fixes)
  • s390/cpacf: get rid of register asm (git-fixes bsc#1227079 bsc#1229187).
  • s390/cpacf: Make use of invalid opcode produce a link error (git-fixes bsc#1227079).
  • s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1229187).
  • s390/dasd: fix error checks in dasdcopypair_store() (git-fixes bsc#1229190).
  • s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229573).
  • s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229572).
  • s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229188).
  • spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes).
  • sunrpc: add a struct rpcstats arg to rpccreate_args (git-fixes).
  • SUNRPC: Fix a race to wake a sync task (git-fixes).
  • swiotlb: fix swiotlb_bounce() to do partial sync's correctly (git-fixes).
  • syscalls: fix compatsysiopgeteventstime64 usage (git-fixes).
  • tracing: Return from tracingbuffersread() if the file has been closed (bsc#1229136 git-fixes).
  • ubifs: add check for cryptoshashtfm_digest (git-fixes).
  • ubifs: dbgorphancheck: Fix missed key type checking (git-fixes).
  • ubifs: Fix adding orphan entry twice for the same inode (git-fixes).
  • ubifs: Fix unattached xattr inode if powercut happens after deleting (git-fixes).
  • vfio/pci: fix potential memory leak in vfiointxenable() (git-fixes).
  • wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes).
  • wifi: mwifiex: duplicate static structs used in driver instances (git-fixes).
  • x86/APM: drop the duplicate APMMINORDEV macro (git-fixes).
  • x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (git-fixes).
  • x86/mm: Fix pticloneentry_text() for i386 (git-fixes).
  • x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes).
  • x86/pm: Work around false positive kmemleak report in msrbuildcontext() (git-fixes).
  • xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes).
  • xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes).
  • xfs: use XFSBUFDADDR_NULL for daddrs in getfsmap code (git-fixes).
  • xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes).
  • xprtrdma: Fix rpcrdmareqsreset() (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Micro 5.5 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.67.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150500.13.67.3",
            "kernel-rt": "5.14.21-150500.13.67.3"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.5 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.67.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150500.13.67.3",
            "kernel-rt": "5.14.21-150500.13.67.3"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 15 SP5 / kernel-livepatch-SLE15-SP5-RT_Update_19

Package

Name
kernel-livepatch-SLE15-SP5-RT_Update_19
Purl
pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_19&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1-150500.11.3.2

Ecosystem specific

{
    "binaries": [
        {
            "kernel-livepatch-5_14_21-150500_13_67-rt": "1-150500.11.3.2"
        }
    ]
}

SUSE:Real Time Module 15 SP5 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.67.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.14.21-150500.13.67.3",
            "dlm-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug": "5.14.21-150500.13.67.3",
            "kernel-rt-devel": "5.14.21-150500.13.67.3",
            "cluster-md-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-devel": "5.14.21-150500.13.67.3",
            "kernel-source-rt": "5.14.21-150500.13.67.3",
            "kernel-rt": "5.14.21-150500.13.67.3",
            "ocfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-vdso": "5.14.21-150500.13.67.3",
            "kernel-rt-vdso": "5.14.21-150500.13.67.3",
            "gfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-syms-rt": "5.14.21-150500.13.67.1"
        }
    ]
}

SUSE:Real Time Module 15 SP5 / kernel-rt_debug

Package

Name
kernel-rt_debug
Purl
pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.67.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.14.21-150500.13.67.3",
            "dlm-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug": "5.14.21-150500.13.67.3",
            "kernel-rt-devel": "5.14.21-150500.13.67.3",
            "cluster-md-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-devel": "5.14.21-150500.13.67.3",
            "kernel-source-rt": "5.14.21-150500.13.67.3",
            "kernel-rt": "5.14.21-150500.13.67.3",
            "ocfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-vdso": "5.14.21-150500.13.67.3",
            "kernel-rt-vdso": "5.14.21-150500.13.67.3",
            "gfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-syms-rt": "5.14.21-150500.13.67.1"
        }
    ]
}

SUSE:Real Time Module 15 SP5 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.67.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.14.21-150500.13.67.3",
            "dlm-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug": "5.14.21-150500.13.67.3",
            "kernel-rt-devel": "5.14.21-150500.13.67.3",
            "cluster-md-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-devel": "5.14.21-150500.13.67.3",
            "kernel-source-rt": "5.14.21-150500.13.67.3",
            "kernel-rt": "5.14.21-150500.13.67.3",
            "ocfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-vdso": "5.14.21-150500.13.67.3",
            "kernel-rt-vdso": "5.14.21-150500.13.67.3",
            "gfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-syms-rt": "5.14.21-150500.13.67.1"
        }
    ]
}

SUSE:Real Time Module 15 SP5 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.67.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.14.21-150500.13.67.3",
            "dlm-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug": "5.14.21-150500.13.67.3",
            "kernel-rt-devel": "5.14.21-150500.13.67.3",
            "cluster-md-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-devel": "5.14.21-150500.13.67.3",
            "kernel-source-rt": "5.14.21-150500.13.67.3",
            "kernel-rt": "5.14.21-150500.13.67.3",
            "ocfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-vdso": "5.14.21-150500.13.67.3",
            "kernel-rt-vdso": "5.14.21-150500.13.67.3",
            "gfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-syms-rt": "5.14.21-150500.13.67.1"
        }
    ]
}

openSUSE:Leap Micro 5.5 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%20Micro%205.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.67.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt": "5.14.21-150500.13.67.3"
        }
    ]
}

openSUSE:Leap 15.5 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.67.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt-livepatch": "5.14.21-150500.13.67.3",
            "dlm-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt-optional": "5.14.21-150500.13.67.3",
            "kernel-rt_debug": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-devel": "5.14.21-150500.13.67.3",
            "ocfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-livepatch-devel": "5.14.21-150500.13.67.3",
            "gfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-devel-rt": "5.14.21-150500.13.67.3",
            "reiserfs-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt-extra": "5.14.21-150500.13.67.3",
            "kernel-rt-devel": "5.14.21-150500.13.67.3",
            "kselftests-kmp-rt": "5.14.21-150500.13.67.3",
            "cluster-md-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-vdso": "5.14.21-150500.13.67.3",
            "kernel-source-rt": "5.14.21-150500.13.67.3",
            "kernel-rt": "5.14.21-150500.13.67.3",
            "kernel-rt-vdso": "5.14.21-150500.13.67.3",
            "kernel-syms-rt": "5.14.21-150500.13.67.1",
            "kernel-rt-livepatch-devel": "5.14.21-150500.13.67.3"
        }
    ]
}

openSUSE:Leap 15.5 / kernel-rt_debug

Package

Name
kernel-rt_debug
Purl
pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.67.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt-livepatch": "5.14.21-150500.13.67.3",
            "dlm-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt-optional": "5.14.21-150500.13.67.3",
            "kernel-rt_debug": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-devel": "5.14.21-150500.13.67.3",
            "ocfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-livepatch-devel": "5.14.21-150500.13.67.3",
            "gfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-devel-rt": "5.14.21-150500.13.67.3",
            "reiserfs-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt-extra": "5.14.21-150500.13.67.3",
            "kernel-rt-devel": "5.14.21-150500.13.67.3",
            "kselftests-kmp-rt": "5.14.21-150500.13.67.3",
            "cluster-md-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-vdso": "5.14.21-150500.13.67.3",
            "kernel-source-rt": "5.14.21-150500.13.67.3",
            "kernel-rt": "5.14.21-150500.13.67.3",
            "kernel-rt-vdso": "5.14.21-150500.13.67.3",
            "kernel-syms-rt": "5.14.21-150500.13.67.1",
            "kernel-rt-livepatch-devel": "5.14.21-150500.13.67.3"
        }
    ]
}

openSUSE:Leap 15.5 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.67.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt-livepatch": "5.14.21-150500.13.67.3",
            "dlm-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt-optional": "5.14.21-150500.13.67.3",
            "kernel-rt_debug": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-devel": "5.14.21-150500.13.67.3",
            "ocfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-livepatch-devel": "5.14.21-150500.13.67.3",
            "gfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-devel-rt": "5.14.21-150500.13.67.3",
            "reiserfs-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt-extra": "5.14.21-150500.13.67.3",
            "kernel-rt-devel": "5.14.21-150500.13.67.3",
            "kselftests-kmp-rt": "5.14.21-150500.13.67.3",
            "cluster-md-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-vdso": "5.14.21-150500.13.67.3",
            "kernel-source-rt": "5.14.21-150500.13.67.3",
            "kernel-rt": "5.14.21-150500.13.67.3",
            "kernel-rt-vdso": "5.14.21-150500.13.67.3",
            "kernel-syms-rt": "5.14.21-150500.13.67.1",
            "kernel-rt-livepatch-devel": "5.14.21-150500.13.67.3"
        }
    ]
}

openSUSE:Leap 15.5 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.67.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt-livepatch": "5.14.21-150500.13.67.3",
            "dlm-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt-optional": "5.14.21-150500.13.67.3",
            "kernel-rt_debug": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-devel": "5.14.21-150500.13.67.3",
            "ocfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-livepatch-devel": "5.14.21-150500.13.67.3",
            "gfs2-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-devel-rt": "5.14.21-150500.13.67.3",
            "reiserfs-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt-extra": "5.14.21-150500.13.67.3",
            "kernel-rt-devel": "5.14.21-150500.13.67.3",
            "kselftests-kmp-rt": "5.14.21-150500.13.67.3",
            "cluster-md-kmp-rt": "5.14.21-150500.13.67.3",
            "kernel-rt_debug-vdso": "5.14.21-150500.13.67.3",
            "kernel-source-rt": "5.14.21-150500.13.67.3",
            "kernel-rt": "5.14.21-150500.13.67.3",
            "kernel-rt-vdso": "5.14.21-150500.13.67.3",
            "kernel-syms-rt": "5.14.21-150500.13.67.1",
            "kernel-rt-livepatch-devel": "5.14.21-150500.13.67.3"
        }
    ]
}