File _patchinfo of Package patchinfo.35523
<patchinfo incident="35523">
<issue id="1193629" tracker="bnc">[TRACKERBUG] SLE15-SP4 backports for cifs.ko</issue>
<issue id="1194111" tracker="bnc">VUL-0: CVE-2021-4204: kernel-source: eBPF Improper Input Validation Privilege Escalation Vulnerability</issue>
<issue id="1194765" tracker="bnc">VUL-0: CVE-2022-23222: kernel-source: eBPF Improper Input Validation Vulnerability</issue>
<issue id="1194869" tracker="bnc">[TRACKERBUG] 5.14 powerpc base kernel fixes</issue>
<issue id="1196261" tracker="bnc">VUL-0: CVE-2022-0500: kernel-source-azure,kernel-source,kernel-source-rt: kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges</issue>
<issue id="1196516" tracker="bnc">SLES15 SP4 - ibmvnic: fix a race in ibmvnic_probe()</issue>
<issue id="1196894" tracker="bnc">The OS cannot boot (kernel panic) when enabling VMD and IOMMU scalable mode</issue>
<issue id="1198017" tracker="bnc">[PATCH] blktrace: fix use after free for struct blk_trace</issue>
<issue id="1203329" tracker="bnc">VUL-0: CVE-2022-40133: kernel: use-after-free in 'vmw_execbuf_tie_context' in vmxgfx</issue>
<issue id="1203330" tracker="bnc">VUL-0: CVE-2022-38457: kernel: use-after-free found in 'vmw_cmd_res_check' in vmwgfx driver</issue>
<issue id="1203360" tracker="bnc">[PATCH] btrfs: fix relocation crash due to premature return from btrfs_commit_transaction()</issue>
<issue id="1205462" tracker="bnc">Switching SMT modes takes a long time</issue>
<issue id="1206006" tracker="bnc">[Azure] scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM</issue>
<issue id="1206258" tracker="bnc">VUL-0: CVE-2022-4382: kernel: use-after-free write in put_dev</issue>
<issue id="1206843" tracker="bnc">Lenovo T14s Gen3 AMD resume from sleep broken</issue>
<issue id="1207158" tracker="bnc">[FVTCR]SLES15 SP4 [5.14.21-150400.24.18-default] while running btrfs xfstest with 4k/64k gets stuck with open_ctree failed error and makes lpar unresponsive [P10] [rainier]</issue>
<issue id="1208783" tracker="bnc">Kernel hard lockup when initializing FW sound device with jackdbus</issue>
<issue id="1210644" tracker="bnc">amd_pmc AMDI0007:00: Last suspend didn't reach deepest state</issue>
<issue id="1213580" tracker="bnc">VUL-0: CVE-2023-3610: kernel: use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation</issue>
<issue id="1213632" tracker="bnc">SLE15 SP5 is not stable in Graphical Mode and crash frequently.</issue>
<issue id="1214285" tracker="bnc">All threads of hotplugged CPUs onlined by kernel even when SMT mode with fewer threads is set.</issue>
<issue id="1216834" tracker="bnc">L3: System crashing intermittent with OCFS2</issue>
<issue id="1220428" tracker="bnc">VUL-0: CVE-2023-52458: kernel-source,kernel-source-azure,kernel-source-rt: block: add check that partition length needs to be aligned with block size</issue>
<issue id="1220877" tracker="bnc">VUL-0: CVE-2023-52581: kernel: netfilter: nf_tables: fix memleak when more than 255 elements expired</issue>
<issue id="1220962" tracker="bnc">VUL-0: CVE-2021-47106: kernel: netfilter: nf_tables: fix use-after-free in nft_set_catchall_destroy()</issue>
<issue id="1221269" tracker="bnc">VUL-0: CVE-2023-52498: kernel: PM: sleep: Fix possible deadlocks in core system-wide PM code</issue>
<issue id="1221326" tracker="bnc">VUL-0: CVE-2023-52489: kernel: mm/sparsemem: fix race in accessing memory_section->usage</issue>
<issue id="1221630" tracker="bnc">VUL-0: CVE-2024-26631: kernel: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work</issue>
<issue id="1221645" tracker="bnc">SLES15 SP6 - [P10] - LPAR crashes and hangs on running ksefltest powerpc/mce/inject-ra-err with parameter "percpu_alloc=page" enabled</issue>
<issue id="1222335" tracker="bnc">VUL-0: CVE-2024-26668: kernel: netfilter: nft_limit: reject configurations that cause integer overflow</issue>
<issue id="1222350" tracker="bnc">VUL-0: CVE-2024-26669: kernel: net/sched: flower: Fix chain template offload</issue>
<issue id="1222372" tracker="bnc">VUL-0: CVE-2024-26735: kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref</issue>
<issue id="1222387" tracker="bnc">VUL-0: CVE-2024-26677: kernel: rxrpc: Fix delayed ACKs to not set the reference serial number</issue>
<issue id="1222634" tracker="bnc">VUL-0: CVE-2024-26808: kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain</issue>
<issue id="1222808" tracker="bnc">VUL-0: CVE-2024-26812: kernel: vfio/pci: Create persistent INTx handler</issue>
<issue id="1222967" tracker="bnc">VUL-0: CVE-2024-26835: kernel: netfilter: nf_tables: table marked as active but no registered hooks during memory pressure</issue>
<issue id="1223074" tracker="bnc">VUL-0: CVE-2024-26851: kernel: netfilter: nf_conntrack_h323: bmp length out of range</issue>
<issue id="1223191" tracker="bnc">powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt</issue>
<issue id="1223508" tracker="bnc">VUL-0: CVE-2022-48645: kernel: net: enetc: deny offload of tc-based TSN features on VF interfaces</issue>
<issue id="1223720" tracker="bnc">VUL-0: CVE-2024-27010: kernel: net/sched: Fix mirred deadlock on device recursion</issue>
<issue id="1223742" tracker="bnc">VUL-0: CVE-2024-27079: kernel: iommu/vt-d: Fix NULL domain on device release</issue>
<issue id="1223777" tracker="bnc">VUL-0: CVE-2024-27024: kernel: net/rds: fix WARNING in rds_conn_connect_if_down</issue>
<issue id="1223803" tracker="bnc">VUL-0: CVE-2024-27011: kernel: netfilter: nf_tables: fix memleak in map from abort path</issue>
<issue id="1223807" tracker="bnc">VUL-0: CVE-2024-27016: kernel: netfilter: flowtable: validate pppoe header</issue>
<issue id="1224105" tracker="bnc">Partner-L3: [SLES15 SP4] [native nvme multipath] Delays observed in device wwn symmlink initialization in scaled environment</issue>
<issue id="1224415" tracker="bnc">VUL-0: CVE-2024-27403: kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow</issue>
<issue id="1224496" tracker="bnc">VUL-0: CVE-2024-35902: kernel: net/rds: fix possible cp null dereference</issue>
<issue id="1224510" tracker="bnc">VUL-0: CVE-2024-35897: kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion</issue>
<issue id="1224542" tracker="bnc">VUL-0: CVE-2024-36009: kernel: ax25: Fix netdev refcount issue</issue>
<issue id="1224578" tracker="bnc">VUL-0: CVE-2024-35971: kernel: net: ks8851: Handle softirqs at the end of IRQ thread to fix hang</issue>
<issue id="1224639" tracker="bnc">VUL-0: CVE-2024-35945: kernel: net: phy: phy_device: Prevent nullptr exceptions on ISR</issue>
<issue id="1225162" tracker="bnc">L3: CephFS capabilities release doesn't always succeed, causing unresponsive MDS — ref:_00D1igLOd._500TrEwbQX:ref</issue>
<issue id="1225352" tracker="bnc">[Build 13.199] openQA test fails in prepare_firstboot: RPi3 not booting?</issue>
<issue id="1225428" tracker="bnc">VUL-0: CVE-2021-47517: kernel: ethtool: do not perform operations on net devices being unregistered</issue>
<issue id="1225524" tracker="bnc">VUL-0: CVE-2022-48706: kernel: vdpa: ifcvf: do proper cleanup if IFCVF init fails</issue>
<issue id="1225578" tracker="bnc">VUL-0: CVE-2024-36013: kernel: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect()</issue>
<issue id="1225582" tracker="bnc">VUL-0: CVE-2023-52859: kernel: perf: hisi: Fix use-after-free when register pmu fails</issue>
<issue id="1225773" tracker="bnc">VUL-0: CVE-2024-36936: kernel: efi/unaccepted: touch soft lockup during memory accept</issue>
<issue id="1225814" tracker="bnc">VUL-0: CVE-2024-36929: kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs</issue>
<issue id="1225827" tracker="bnc">VUL-0: CVE-2024-36962: kernel: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs</issue>
<issue id="1225832" tracker="bnc">VUL-0: CVE-2024-36933: kernel: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment().</issue>
<issue id="1225903" tracker="bnc">bpf: backport of iterator and callback handling fixes</issue>
<issue id="1226168" tracker="bnc">fstests btrfs/296 fails on btrfs</issue>
<issue id="1226530" tracker="bnc">[Trackerbug] Mana: Add support for page sizes other than 4KB on ARM64</issue>
<issue id="1226613" tracker="bnc">VUL-0: CVE-2024-38602: kernel: ax25: Fix reference count leak issues of ax25_dev</issue>
<issue id="1226742" tracker="bnc">VUL-0: CVE-2024-38554: kernel: ax25: Fix reference count leak issue of net_device</issue>
<issue id="1226765" tracker="bnc">VUL-0: CVE-2024-31076: kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline</issue>
<issue id="1226798" tracker="bnc">VUL-0: CVE-2024-36270: kernel: netfilter: tproxy: bail out if IP has been disabled on the device</issue>
<issue id="1226801" tracker="bnc">VUL-0: CVE-2024-36286: kernel: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()</issue>
<issue id="1226874" tracker="bnc">VUL-0: CVE-2024-36489: kernel: tls: fix missing memory barrier in tls_init</issue>
<issue id="1226885" tracker="bnc">VUL-0: CVE-2024-38662: kernel: bpf: allow delete from sockmap/sockhash only if update is allowed</issue>
<issue id="1227079" tracker="bnc">s390/cpacf: Make use of invalid opcode produce a link error</issue>
<issue id="1227623" tracker="bnc">VUL-0: CVE-2024-39489: kernel: ipv6: sr: fix memleak in seg6_hmac_init_algo</issue>
<issue id="1227761" tracker="bnc">VUL-0: CVE-2024-40905: kernel: ipv6: fix possible race in __fib6_drop_pcpu_from()</issue>
<issue id="1227830" tracker="bnc">VUL-0: CVE-2024-40995: kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()</issue>
<issue id="1227863" tracker="bnc">VUL-0: CVE-2024-41007: kernel: tcp: avoid too many retransmit packets</issue>
<issue id="1227867" tracker="bnc">VUL-0: CVE-2024-41000: kernel: block/ioctl: prefer different overflow check</issue>
<issue id="1227929" tracker="bnc">VUL-0: CVE-2024-40978: kernel: scsi: qedi: Fix crash while reading debugfs attribute</issue>
<issue id="1227937" tracker="bnc">VUL-0: CVE-2024-40980: kernel: drop_monitor: replace spin_lock by raw_spin_lock</issue>
<issue id="1227958" tracker="bnc">VUL-0: CVE-2022-48808: kernel: net: dsa: fix panic when DSA master device unbinds on shutdown</issue>
<issue id="1228020" tracker="bnc">VUL-0: CVE-2024-41009: kernel: bpf: Fix overrunning reservations in ringbuf</issue>
<issue id="1228065" tracker="bnc">VUL-0: CVE-2022-48865: kernel: tipc: fix kernel panic when enabling bearer</issue>
<issue id="1228114" tracker="bnc">VUL-0: CVE-2024-41011: kernel: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages</issue>
<issue id="1228410" tracker="bnc">VUL-0: CVE-2024-41016: kernel: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()</issue>
<issue id="1228426" tracker="bnc">VUL-0: CVE-2023-52887: kernel: net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new</issue>
<issue id="1228427" tracker="bnc">VUL-0: CVE-2024-41020: kernel: filelock: fix fcntl/close race recovery compat path</issue>
<issue id="1228429" tracker="bnc">VUL-0: CVE-2024-41022: kernel: drm/amdgpu: fix signedness bug in sdma_v4_0_process_trap_irq()</issue>
<issue id="1228446" tracker="bnc">VUL-0: CVE-2024-42095: kernel: serial: 8250_omap: Implementation of Errata i2310</issue>
<issue id="1228447" tracker="bnc">VUL-0: CVE-2024-42092: kernel: gpio: davinci: Validate the obtained number of IRQs</issue>
<issue id="1228449" tracker="bnc">VUL-0: CVE-2024-42090: kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER</issue>
<issue id="1228450" tracker="bnc">VUL-0: CVE-2024-42089: kernel: ASoC: fsl-asoc-card: set priv->pdev before using it</issue>
<issue id="1228452" tracker="bnc">VUL-0: CVE-2024-42086: kernel: iio: chemical: bme680: Fix overflows in compensate() functions</issue>
<issue id="1228456" tracker="bnc">VUL-0: CVE-2024-42085: kernel: usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock</issue>
<issue id="1228463" tracker="bnc">VUL-0: CVE-2024-42069: kernel: net: mana: Fix possible double free in error handling path</issue>
<issue id="1228466" tracker="bnc">VUL-0: CVE-2024-41087: kernel: ata: libata-core: Fix double free on error</issue>
<issue id="1228467" tracker="bnc">VUL-0: CVE-2024-41098: kernel: ata: libata-core: Fix null pointer dereference on error</issue>
<issue id="1228469" tracker="bnc">VUL-0: CVE-2024-41088: kernel: can: mcp251xfd: fix infinite loop when xmit fails</issue>
<issue id="1228480" tracker="bnc">VUL-0: CVE-2024-41056: kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files</issue>
<issue id="1228481" tracker="bnc">VUL-0: CVE-2024-42074: kernel: ASoC: amd: acp: add a null check for chip_pdev structure</issue>
<issue id="1228482" tracker="bnc">VUL-0: CVE-2024-42082: kernel: xdp: Remove WARN() from __xdp_reg_mem_model()</issue>
<issue id="1228483" tracker="bnc">VUL-0: CVE-2024-41092: kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers</issue>
<issue id="1228484" tracker="bnc">VUL-0: CVE-2024-42076: kernel: net: can: j1939: Initialize unused data in j1939_send_one()</issue>
<issue id="1228485" tracker="bnc">VUL-0: CVE-2024-41035: kernel: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor</issue>
<issue id="1228487" tracker="bnc">VUL-0: CVE-2024-42148: kernel: bnx2x: Fix multiple UBSAN array-index-out-of-bounds</issue>
<issue id="1228489" tracker="bnc">VUL-0: CVE-2024-42230: kernel: powerpc/pseries: Fix scv instruction crash with kexec</issue>
<issue id="1228491" tracker="bnc">VUL-0: CVE-2024-42142: kernel: net/mlx5: E-switch, Create ingress ACL when needed</issue>
<issue id="1228493" tracker="bnc">VUL-0: CVE-2024-42106: kernel: inet_diag: Initialize pad field in struct inet_diag_req_v2</issue>
<issue id="1228494" tracker="bnc">VUL-0: CVE-2024-42107: kernel: ice: Don't process extts if PTP is disabled</issue>
<issue id="1228495" tracker="bnc">VUL-0: CVE-2024-42101: kernel: drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes</issue>
<issue id="1228496" tracker="bnc">VUL-0: CVE-2024-41036: kernel: net: ks8851: Fix deadlock with the SPI chip variant</issue>
<issue id="1228501" tracker="bnc">VUL-0: CVE-2024-42110: kernel: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx()</issue>
<issue id="1228503" tracker="bnc">VUL-0: CVE-2024-42139: kernel: ice: Fix improper extts handling</issue>
<issue id="1228509" tracker="bnc">VUL-0: CVE-2024-41038: kernel: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers</issue>
<issue id="1228513" tracker="bnc">VUL-0: CVE-2024-41097: kernel: usb: atm: cxacru: fix endpoint checking in cxacru_bind()</issue>
<issue id="1228515" tracker="bnc">VUL-0: CVE-2024-41039: kernel: firmware: cs_dsp: Fix overflow checking of wmfw header</issue>
<issue id="1228516" tracker="bnc">VUL-0: CVE-2024-42077: kernel: ocfs2: fix DIO failure due to insufficient transaction credits</issue>
<issue id="1228526" tracker="bnc">VUL-0: CVE-2024-41042: kernel: netfilter: nf_tables: prefer nft_chain_validate</issue>
<issue id="1228531" tracker="bnc">VUL-0: CVE-2024-41045: kernel: bpf: Defer work in bpf_timer_cancel_and_free</issue>
<issue id="1228563" tracker="bnc">VUL-0: CVE-2024-42137: kernel: Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot</issue>
<issue id="1228564" tracker="bnc">VUL-0: CVE-2024-42114: kernel: wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values</issue>
<issue id="1228567" tracker="bnc">VUL-0: CVE-2024-41060: kernel: drm/radeon: check bo_va->bo is non-NULL before using it</issue>
<issue id="1228576" tracker="bnc">VUL-0: CVE-2024-41062: kernel: bluetooth/l2cap: sync sock recv cb and release</issue>
<issue id="1228579" tracker="bnc">VUL-0: CVE-2024-41068: kernel: s390/sclp: Fix sclp_init() cleanup on failure</issue>
<issue id="1228584" tracker="bnc">VUL-0: CVE-2024-42119: kernel: drm/amd/display: Skip finding free audio for unknown engine_id</issue>
<issue id="1228588" tracker="bnc">VUL-0: CVE-2024-42120: kernel: drm/amd/display: Check pipe offset before setting vblank</issue>
<issue id="1228590" tracker="bnc">VUL-0: CVE-2024-42121: kernel: drm/amd/display: Check index msg_id before read or write</issue>
<issue id="1228615" tracker="bnc">VUL-0: CVE-2024-41079: kernel: nvmet: always initialize cqe.result</issue>
<issue id="1228616" tracker="bnc">VUL-0: CVE-2024-41080: kernel: io_uring: fix possible deadlock in io_register_iowq_max_workers()</issue>
<issue id="1228635" tracker="bnc">VUL-0: CVE-2024-41073: kernel: nvme: avoid double free special payload</issue>
<issue id="1228636" tracker="bnc">VUL-0: CVE-2024-41065: kernel: powerpc/pseries: whitelist dtl slub object for copying to userspace</issue>
<issue id="1228654" tracker="bnc">VUL-0: CVE-2024-42104: kernel: nilfs2: add missing check for inode numbers on directory entries</issue>
<issue id="1228656" tracker="bnc">VUL-0: CVE-2024-42115: kernel: jffs2: fix potential illegal address access in jffs2_free_inode</issue>
<issue id="1228658" tracker="bnc">VUL-0: CVE-2024-41089: kernel: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes</issue>
<issue id="1228660" tracker="bnc">VUL-0: CVE-2024-41093: kernel: drm/amdgpu: avoid using null object of framebuffer</issue>
<issue id="1228662" tracker="bnc">VUL-0: CVE-2024-41095: kernel: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes</issue>
<issue id="1228667" tracker="bnc">VUL-0: CVE-2024-42228: kernel: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc</issue>
<issue id="1228673" tracker="bnc">VUL-0: CVE-2024-42080: kernel: RDMA/restrack: Fix potential invalid address access</issue>
<issue id="1228677" tracker="bnc">VUL-0: CVE-2024-42087: kernel: drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep</issue>
<issue id="1228687" tracker="bnc">VUL-0: CVE-2024-42130: kernel: nfc/nci: add the inconsistency check between the input data length and count</issue>
<issue id="1228706" tracker="bnc">VUL-0: CVE-2024-42162: kernel: gve: Account for stopped queues when reading NIC stats</issue>
<issue id="1228708" tracker="bnc">VUL-0: CVE-2024-42229: kernel: crypto: aead,cipher - zeroize key buffer after use</issue>
<issue id="1228710" tracker="bnc">VUL-0: CVE-2024-42225: kernel: wifi: mt76: replace skb_put with skb_put_zero</issue>
<issue id="1228718" tracker="bnc">VUL-0: CVE-2024-42126: kernel: powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt.</issue>
<issue id="1228720" tracker="bnc">VUL-0: CVE-2024-42158: kernel: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings</issue>
<issue id="1228721" tracker="bnc">VUL-0: CVE-2024-42127: kernel: drm/lima: fix shared irq handling on driver remove</issue>
<issue id="1228722" tracker="bnc">VUL-0: CVE-2024-42156: kernel: s390/pkey: Wipe copies of clear-key structures on failure</issue>
<issue id="1228724" tracker="bnc">VUL-0: CVE-2024-42152: kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment</issue>
<issue id="1228726" tracker="bnc">VUL-0: CVE-2024-42223: kernel: media: dvb-frontends: tda10048: Fix integer overflow</issue>
<issue id="1228727" tracker="bnc">VUL-0: CVE-2024-42157: kernel: s390/pkey: Wipe sensitive data on failure</issue>
<issue id="1228733" tracker="bnc">VUL-0: CVE-2024-42155: kernel: s390/pkey: wipe copies of protected- and secure-keys</issue>
<issue id="1228748" tracker="bnc">VUL-0: REJECTED: CVE-2024-42143: kernel: orangefs: fix out-of-bounds fsid access</issue>
<issue id="1228766" tracker="bnc">VUL-0: CVE-2024-42097: kernel: ALSA: emux: improve patch ioctl data validation</issue>
<issue id="1228779" tracker="bnc">VUL-0: CVE-2024-42098: kernel: crypto: ecdh - explicitly zeroize private_key</issue>
<issue id="1228801" tracker="bnc">cgroup/cpuset: Prevent UAF in proc_cpuset_show()</issue>
<issue id="1228850" tracker="bnc">qla2xxx: update driver to 10.02.09.300-k</issue>
<issue id="1228857" tracker="bnc">Update Broadcom Emulex lpfc driver to 14.4.0.3</issue>
<issue id="1228959" tracker="bnc">VUL-0: CVE-2024-42232: kernel: libceph: fix race between delayed_work() and ceph_monc_stop()</issue>
<issue id="1228964" tracker="bnc">VUL-0: CVE-2024-42236: kernel: usb: gadget: configfs: prevent OOB read/write in usb_string_copy()</issue>
<issue id="1228966" tracker="bnc">VUL-0: CVE-2024-42240: kernel: x86/bhi: avoid warning in #DB handler due to BHI mitigation</issue>
<issue id="1228967" tracker="bnc">VUL-0: CVE-2024-42244: kernel: USB: serial: mos7840: fix crash on resume</issue>
<issue id="1228979" tracker="bnc">VUL-0: CVE-2024-42239: kernel: bpf: Fail bpf_timer_cancel when callback is being cancelled</issue>
<issue id="1228988" tracker="bnc">VUL-0: CVE-2024-42247: kernel: wireguard: allowedips: avoid unaligned 64-bit memory accesses</issue>
<issue id="1228989" tracker="bnc">VUL-0: CVE-2024-42246: kernel: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket</issue>
<issue id="1228991" tracker="bnc">VUL-0: CVE-2024-42238: kernel: firmware: cs_dsp: Return error if block header overflows file</issue>
<issue id="1228992" tracker="bnc">VUL-0: CVE-2024-42237: kernel: firmware: cs_dsp: Validate payload length before processing block</issue>
<issue id="1229042" tracker="bnc">Enable kernel-default-livepatch-devel for TW since it's already enabled on Leap</issue>
<issue id="1229054" tracker="bnc">Error probing device: Error sending ATA command IDENTIFY DEVICE to...</issue>
<issue id="1229086" tracker="bnc">mana: Fix RX buf alloc_size alignment and atomic op panic</issue>
<issue id="1229136" tracker="bnc">L3: SLES 15 SP5 kernel soft lockup with timer thread [ ref:_00D1igLOd._500TrFqLno:ref ]</issue>
<issue id="1229154" tracker="bnc">mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings</issue>
<issue id="1229187" tracker="bnc">s390/cpacf: Split and rework cpacf query functions</issue>
<issue id="1229188" tracker="bnc">s390/uv: Panic for set and remove shared access UVC errors</issue>
<issue id="1229190" tracker="bnc">s390/dasd: fix error checks in dasd_copy_pair_store()</issue>
<issue id="1229287" tracker="bnc">VUL-0: CVE-2023-52889: kernel: apparmor: Fix null pointer deref when receiving skb during sock creation</issue>
<issue id="1229290" tracker="bnc">VUL-0: CVE-2024-43819: kernel: kvm: s390: Reject memory region operations for ucontrol VMs</issue>
<issue id="1229292" tracker="bnc">VUL-0: CVE-2024-43853: kernel: cgroup/cpuset: Prevent UAF in proc_cpuset_show()</issue>
<issue id="1229296" tracker="bnc">VUL-0: CVE-2024-43818: kernel: ASoC: amd: Adjust error handling in case of absent codec device</issue>
<issue id="1229297" tracker="bnc">VUL-0: CVE-2024-43837: kernel: bpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT</issue>
<issue id="1229301" tracker="bnc">VUL-0: CVE-2024-43839: kernel: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures</issue>
<issue id="1229303" tracker="bnc">VUL-0: CVE-2024-43823: kernel: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs()</issue>
<issue id="1229304" tracker="bnc">VUL-0: CVE-2024-43841: kernel: wifi: virt_wifi: avoid reporting connection success with wrong SSID</issue>
<issue id="1229305" tracker="bnc">VUL-0: CVE-2024-43830: kernel: leds: trigger: Unregister sysfs attributes before calling deactivate()</issue>
<issue id="1229307" tracker="bnc">VUL-0: CVE-2024-43849: kernel: soc: qcom: pdr: protect locator_addr with the main mutex</issue>
<issue id="1229309" tracker="bnc">VUL-0: CVE-2024-43831: kernel: media: mediatek: vcodec: Handle invalid decoder vsi</issue>
<issue id="1229312" tracker="bnc">VUL-0: CVE-2024-43817: kernel: net: missing check virtio</issue>
<issue id="1229314" tracker="bnc">VUL-0: CVE-2024-43834: kernel: xdp: fix invalid wait context of page_pool_destroy()</issue>
<issue id="1229315" tracker="bnc">VUL-0: CVE-2024-43821: kernel: scsi: lpfc: Fix a possible null pointer dereference</issue>
<issue id="1229317" tracker="bnc">VUL-0: CVE-2024-43842: kernel: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter()</issue>
<issue id="1229318" tracker="bnc">VUL-0: CVE-2024-43816: kernel: scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages</issue>
<issue id="1229319" tracker="bnc">VUL-0: CVE-2024-43860: kernel: remoteproc: imx_rproc: Skip over memory region when node value is NULL</issue>
<issue id="1229327" tracker="bnc">SLES15SP6 [P10 Denali] [ 6.4.0-150600.16-default] In shared/dedicated mode core(CPU), both online and offline, is not functioning as intended when considering various SMT modes.</issue>
<issue id="1229341" tracker="bnc">VUL-0: CVE-2024-43829: kernel: drm/qxl: Add check for drm_cvt_mode</issue>
<issue id="1229345" tracker="bnc">VUL-0: CVE-2024-43854: kernel: block: initialize integrity buffer to zero before writing it to media</issue>
<issue id="1229346" tracker="bnc">VUL-0: CVE-2024-43856: kernel: dma: fix call order in dmam_free_coherent</issue>
<issue id="1229347" tracker="bnc">VUL-0: CVE-2024-42322: kernel: ipvs: properly dereference pe in ip_vs_add_service</issue>
<issue id="1229349" tracker="bnc">VUL-0: CVE-2024-42320: kernel: s390/dasd: fix error checks in dasd_copy_pair_store()</issue>
<issue id="1229350" tracker="bnc">VUL-0: CVE-2024-42319: kernel: mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable()</issue>
<issue id="1229351" tracker="bnc">VUL-0: CVE-2024-42318: kernel: landlock: Don't lose track of restrictions on cred_transfer</issue>
<issue id="1229354" tracker="bnc">VUL-0: CVE-2024-42315: kernel: exfat: fix potential deadlock on __exfat_get_dentry_set</issue>
<issue id="1229356" tracker="bnc">VUL-0: CVE-2024-42313: kernel: media: venus: fix use after free in vdec_close</issue>
<issue id="1229357" tracker="bnc">VUL-0: CVE-2024-42312: kernel: sysctl: always initialize i_uid/i_gid</issue>
<issue id="1229358" tracker="bnc">VUL-0: CVE-2024-42310: kernel: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes</issue>
<issue id="1229359" tracker="bnc">VUL-0: CVE-2024-42309: kernel: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes</issue>
<issue id="1229360" tracker="bnc">VUL-0: CVE-2024-43846: kernel: lib: objagg: Fix general protection fault</issue>
<issue id="1229366" tracker="bnc">VUL-0: CVE-2024-42302: kernel: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal</issue>
<issue id="1229370" tracker="bnc">VUL-0: CVE-2024-42295: kernel: nilfs2: handle inconsistent state in nilfs_btnode_create_block()</issue>
<issue id="1229373" tracker="bnc">VUL-0: CVE-2024-42292: kernel: kobject_uevent: Fix OOB access within zap_modalias_env()</issue>
<issue id="1229374" tracker="bnc">VUL-0: CVE-2024-42291: kernel: ice: Add a per-VF limit on number of FDIR filters</issue>
<issue id="1229381" tracker="bnc">VUL-0: CVE-2024-42285: kernel: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs</issue>
<issue id="1229382" tracker="bnc">VUL-0: CVE-2024-42284: kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error</issue>
<issue id="1229383" tracker="bnc">VUL-0: CVE-2024-42283: kernel: net: nexthop: Initialize all fields in dumped nexthops</issue>
<issue id="1229386" tracker="bnc">VUL-0: CVE-2024-42281: kernel: bpf: Fix a segment issue when downgrading gso_size</issue>
<issue id="1229388" tracker="bnc">VUL-0: CVE-2024-42280: kernel: mISDN: Fix a use after free in hfcmulti_tx()</issue>
<issue id="1229391" tracker="bnc">VUL-0: CVE-2024-42268: kernel: net/mlx5: Fix missing lock on sync reset reload</issue>
<issue id="1229392" tracker="bnc">VUL-0: CVE-2024-42287: kernel: scsi: qla2xxx: Complete command early within lock</issue>
<issue id="1229395" tracker="bnc">VUL-0: CVE-2024-42286: kernel: scsi: qla2xxx: validate nvme_local_port correctly</issue>
<issue id="1229398" tracker="bnc">VUL-0: CVE-2024-42288: kernel: scsi: qla2xxx: Fix for possible memory corruption</issue>
<issue id="1229399" tracker="bnc">VUL-0: CVE-2024-42289: kernel: scsi: qla2xxx: During vport delete send async logout explicitly</issue>
<issue id="1229400" tracker="bnc">VUL-0: CVE-2024-42271: kernel: net/iucv: fix use after free in iucv_sock_close()</issue>
<issue id="1229407" tracker="bnc">VUL-0: CVE-2024-42301: kernel: dev/parport: fix the array out-of-bounds risk</issue>
<issue id="1229409" tracker="bnc">VUL-0: CVE-2024-42277: kernel: iommu: sprd: avoid NULL deref in sprd_iommu_hw_en</issue>
<issue id="1229410" tracker="bnc">VUL-0: CVE-2024-42276: kernel: nvme-pci: add missing condition check for existence of mapped data</issue>
<issue id="1229411" tracker="bnc">VUL-0: CVE-2024-42308: kernel: drm/amd/display: Check for NULL pointer</issue>
<issue id="1229413" tracker="bnc">VUL-0: CVE-2024-42311: kernel: hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode()</issue>
<issue id="1229414" tracker="bnc">VUL-0: CVE-2024-43858: kernel: jfs: Fix array-index-out-of-bounds in diFree</issue>
<issue id="1229417" tracker="bnc">VUL-0: CVE-2024-42274: kernel: revert "ALSA: firewire-lib: operate for period elapse event in process context"</issue>
<issue id="1229418" tracker="bnc">cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop</issue>
<issue id="1229444" tracker="bnc">L3: TCP segment out of order for IPv6 tunnel [ ref:_00D1igLOd._500TrGL7wX:ref ]</issue>
<issue id="1229453" tracker="bnc">fs/netfs/fscache_cookie: add missing "n_accesses" check</issue>
<issue id="1229454" tracker="bnc">fuse: Initialize beyond-EOF page contents before setting uptodate</issue>
<issue id="1229481" tracker="bnc">VUL-0: CVE-2024-43880: kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning</issue>
<issue id="1229482" tracker="bnc">VUL-0: CVE-2024-43879: kernel: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he()</issue>
<issue id="1229488" tracker="bnc">VUL-0: CVE-2024-43873: kernel: vhost/vsock: always initialize seqpacket_allow</issue>
<issue id="1229489" tracker="bnc">VUL-0: CVE-2024-43872: kernel: RDMA/hns: Fix soft lockup under heavy CEQE load</issue>
<issue id="1229490" tracker="bnc">VUL-0: CVE-2024-43871: kernel: devres: Fix memory leakage caused by driver API devm_free_percpu()</issue>
<issue id="1229493" tracker="bnc">VUL-0: CVE-2024-43867: kernel: drm/nouveau: prime: fix refcount underflow</issue>
<issue id="1229495" tracker="bnc">VUL-0: CVE-2024-43866: kernel: net/mlx5: Always drain health in shutdown callback</issue>
<issue id="1229497" tracker="bnc">VUL-0: CVE-2024-43863: kernel: drm/vmwgfx: Fix a deadlock in dma buf fence polling</issue>
<issue id="1229500" tracker="bnc">VUL-0: CVE-2024-43861: kernel: net: usb: qmi_wwan: fix memory leak for not ip packets</issue>
<issue id="1229503" tracker="bnc">VUL-0: CVE-2024-43882: kernel: exec: Fix ToCToU between perm check and set-uid/gid usage</issue>
<issue id="1229506" tracker="bnc">VUL-0: CVE-2022-48868: kernel: dmaengine: idxd: Let probe fail when workqueue cannot be enabled</issue>
<issue id="1229507" tracker="bnc">VUL-0: CVE-2022-48869: kernel: USB: gadgetfs: Fix race between mounting and unmounting</issue>
<issue id="1229508" tracker="bnc">VUL-0: CVE-2022-48870: kernel: tty: fix possible null-ptr-defer in spk_ttyio_release</issue>
<issue id="1229509" tracker="bnc">VUL-0: CVE-2022-48871: kernel: tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer</issue>
<issue id="1229510" tracker="bnc">VUL-0: CVE-2022-48872: kernel: misc: fastrpc: Fix use-after-free race condition for maps</issue>
<issue id="1229512" tracker="bnc">VUL-0: CVE-2022-48873: kernel: misc: fastrpc: Don't remove map on creater_process and device_release</issue>
<issue id="1229516" tracker="bnc">VUL-0: CVE-2022-48875: kernel: wifi: mac80211: sdata can be NULL during AMPDU start</issue>
<issue id="1229521" tracker="bnc">VUL-0: CVE-2023-52913: kernel: drm/i915: Fix potential context UAFs</issue>
<issue id="1229522" tracker="bnc">VUL-0: CVE-2023-52911: kernel: drm/msm: another fix for the headless Adreno GPU</issue>
<issue id="1229523" tracker="bnc">VUL-0: CVE-2023-52910: kernel: iommu/iova: Fix alloc iova overflows issue</issue>
<issue id="1229524" tracker="bnc">VUL-0: CVE-2023-52909: kernel: nfsd: fix handling of cached open files in nfsd4_open codepath</issue>
<issue id="1229525" tracker="bnc">VUL-0: CVE-2023-52908: kernel: drm/amdgpu: Fix potential NULL dereference</issue>
<issue id="1229526" tracker="bnc">VUL-0: CVE-2023-52907: kernel: nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame()</issue>
<issue id="1229527" tracker="bnc">VUL-0: CVE-2023-52906: kernel: net/sched: act_mpls: Fix warning during failed attribute validation</issue>
<issue id="1229528" tracker="bnc">VUL-0: CVE-2023-52905: kernel: octeontx2-pf: Fix resource leakage in VF driver unbind</issue>
<issue id="1229529" tracker="bnc">VUL-0: CVE-2023-52904: kernel: ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate()</issue>
<issue id="1229531" tracker="bnc">VUL-0: CVE-2023-52901: kernel: usb: xhci: Check endpoint is valid before dereferencing it</issue>
<issue id="1229533" tracker="bnc">VUL-0: CVE-2023-52896: kernel: btrfs: fix race between quota rescan and disable leading to NULL pointer deref</issue>
<issue id="1229535" tracker="bnc">VUL-0: CVE-2023-52893: kernel: gsmi: fix null-deref in gsmi_get_variable</issue>
<issue id="1229536" tracker="bnc">VUL-0: CVE-2022-48899: kernel: drm/virtio: Fix GEM handle creation UAF</issue>
<issue id="1229537" tracker="bnc">VUL-0: CVE-2022-48898: kernel: drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux transfer</issue>
<issue id="1229540" tracker="bnc">VUL-0: CVE-2022-48896: kernel: ixgbe: fix pci device refcount leak</issue>
<issue id="1229544" tracker="bnc">VUL-0: CVE-2022-48890: kernel: scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM</issue>
<issue id="1229545" tracker="bnc">VUL-0: CVE-2022-48889: kernel: ASoC: Intel: sof-nau8825: fix module alias overflow</issue>
<issue id="1229546" tracker="bnc">VUL-0: CVE-2022-48888: kernel: drm/msm/dpu: Fix memory leak in msm_mdss_parse_data_bus_icc_path</issue>
<issue id="1229547" tracker="bnc">VUL-0: CVE-2022-48887: kernel: drm/vmwgfx: Remove rcu locks from user resources</issue>
<issue id="1229548" tracker="bnc">VUL-0: CVE-2022-48886: kernel: ice: Add check for kzalloc</issue>
<issue id="1229554" tracker="bnc">VUL-0: CVE-2022-48878: kernel: Bluetooth: hci_qca: fix driver shutdown on closed serdev</issue>
<issue id="1229557" tracker="bnc">VUL-0: CVE-2022-48880: kernel: platform/surface: aggregator: add missing call to ssam_request_sync_free()</issue>
<issue id="1229558" tracker="bnc">VUL-0: CVE-2022-48882: kernel: net/mlx5e: fix macsec possible null dereference when updating MAC security entity (SecY)</issue>
<issue id="1229559" tracker="bnc">VUL-0: CVE-2022-48881: kernel: platform/x86/amd: fix refcount leak in amd_pmc_probe</issue>
<issue id="1229560" tracker="bnc">VUL-0: CVE-2022-48883: kernel: net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent</issue>
<issue id="1229562" tracker="bnc">VUL-0: CVE-2022-48884: kernel: net/mlx5: fix command stats access after free</issue>
<issue id="1229564" tracker="bnc">VUL-0: CVE-2022-48885: kernel: ice: fix potential memory leak in ice_gnss_tty_write()</issue>
<issue id="1229565" tracker="bnc">VUL-0: CVE-2022-48891: kernel: regulator: da9211: Use irq handler when ready</issue>
<issue id="1229566" tracker="bnc">VUL-0: CVE-2023-52894: kernel: usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()</issue>
<issue id="1229568" tracker="bnc">VUL-0: CVE-2023-52898: kernel: xhci: fix null pointer dereference when host dies</issue>
<issue id="1229569" tracker="bnc">VUL-0: CVE-2023-52899: kernel: add exception protection processing for vd in axi_chan_handle_err function</issue>
<issue id="1229572" tracker="bnc">s390/sclp: Prevent release of buffer in I/O</issue>
<issue id="1229573" tracker="bnc">s390/dasd: fix error recovery leading to data corruption on ESE devices</issue>
<issue id="1229576" tracker="bnc">VUL-0: CVE-2022-48893: kernel: drm/i915/gt: Cleanup partial engine discovery failures</issue>
<issue id="1229581" tracker="bnc">VUL-0: CVE-2023-52900: kernel: nilfs2: fix general protection fault in nilfs_btree_insert()</issue>
<issue id="1229588" tracker="bnc">VUL-0: CVE-2023-52912: kernel: drm/amdgpu: fixed bug on error when unloading amdgpu</issue>
<issue id="1229598" tracker="bnc">VUL-0: CVE-2021-4441: kernel: spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op()</issue>
<issue id="1229603" tracker="bnc">VUL-0: CVE-2022-48904: kernel: iommu/amd: Fix I/O page table memory leak</issue>
<issue id="1229604" tracker="bnc">VUL-0: CVE-2022-48905: kernel: ibmvnic: free reset-work-item when flushing</issue>
<issue id="1229605" tracker="bnc">VUL-0: CVE-2022-48906: kernel: mptcp: Correctly set DATA_FIN timeout when number of retransmits is large</issue>
<issue id="1229608" tracker="bnc">VUL-0: CVE-2022-48907: kernel: auxdisplay: lcd2s: Fix memory leak in ->remove()</issue>
<issue id="1229611" tracker="bnc">VUL-0: CVE-2022-48909: kernel: net/smc: fix connection leak</issue>
<issue id="1229612" tracker="bnc">VUL-0: CVE-2022-48942: kernel: hwmon: Handle failure to register sensor with thermal zone correctly</issue>
<issue id="1229613" tracker="bnc">VUL-0: CVE-2022-48903: kernel: btrfs: fix relocation crash due to premature return from btrfs_commit_transaction()</issue>
<issue id="1229614" tracker="bnc">VUL-0: CVE-2022-48941: kernel: ice: fix concurrent reset and removal of VFs</issue>
<issue id="1229615" tracker="bnc">VUL-0: CVE-2022-48940: kernel: bpf: Fix crash due to incorrect copy_map_value</issue>
<issue id="1229616" tracker="bnc">VUL-0: CVE-2022-48939: kernel: bpf: Add schedule points in batch ops</issue>
<issue id="1229617" tracker="bnc">VUL-0: CVE-2022-48937: kernel: io_uring: add a schedule point in io_add_buffers()</issue>
<issue id="1229620" tracker="bnc">VUL-0: CVE-2022-48934: kernel: nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()</issue>
<issue id="1229622" tracker="bnc">VUL-0: CVE-2022-48932: kernel: net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte</issue>
<issue id="1229623" tracker="bnc">VUL-0: CVE-2022-48931: kernel: configfs: fix a race in configfs_{,un}register_subsystem()</issue>
<issue id="1229624" tracker="bnc">VUL-0: CVE-2022-48930: kernel: RDMA/ib_srp: Fix a deadlock</issue>
<issue id="1229625" tracker="bnc">VUL-0: CVE-2022-48929: kernel: bpf: Fix crash due to out of bounds access into reg2btf_ids.</issue>
<issue id="1229626" tracker="bnc">VUL-0: CVE-2022-48928: kernel: iio: adc: men_z188_adc: Fix a resource leak in an error handling path</issue>
<issue id="1229628" tracker="bnc">VUL-0: CVE-2022-48927: kernel: iio: adc: tsc2046: fix memory corruption by preventing array overflow</issue>
<issue id="1229629" tracker="bnc">VUL-0: CVE-2022-48926: kernel: usb: gadget: rndis: add spinlock for rndis response list</issue>
<issue id="1229630" tracker="bnc">VUL-0: CVE-2022-48925: kernel: RDMA/cma: Do not change route.addr.src_addr outside state checks</issue>
<issue id="1229631" tracker="bnc">VUL-0: CVE-2022-48924: kernel: thermal: int340x: fix memory leak in int3400_notify()</issue>
<issue id="1229632" tracker="bnc">VUL-0: CVE-2022-48910: kernel: net: ipv6: ensure we call ipv6_mc_down() at most once</issue>
<issue id="1229635" tracker="bnc">VUL-0: CVE-2022-48921: kernel: sched/fair: Fix fault in reweight_entity</issue>
<issue id="1229636" tracker="bnc">VUL-0: CVE-2022-48918: kernel: iwlwifi: mvm: check debugfs_dir ptr before use</issue>
<issue id="1229637" tracker="bnc">VUL-0: CVE-2022-48917: kernel: ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min</issue>
<issue id="1229638" tracker="bnc">VUL-0: CVE-2022-48916: kernel: iommu/vt-d: Fix double list_add when enabling VMD in scalable mode</issue>
<issue id="1229639" tracker="bnc">VUL-0: CVE-2022-48915: kernel: thermal: core: Fix TZ_GET_TRIP NULL pointer dereference</issue>
<issue id="1229641" tracker="bnc">VUL-0: CVE-2022-48912: kernel: netfilter: fix use-after-free in __nf_register_net_hook()</issue>
<issue id="1229642" tracker="bnc">VUL-0: CVE-2022-48914: kernel: xen/netfront: destroy queues before real_num_tx_queues is zeroed</issue>
<issue id="1229643" tracker="bnc">VUL-0: CVE-2022-48913: kernel: blktrace: fix use after free for struct blk_trace</issue>
<issue id="1229645" tracker="bnc">VUL-0: CVE-2022-48943: kernel: KVM: x86/mmu: make apf token non-zero to fix bug</issue>
<issue id="1229657" tracker="bnc">VUL-0: CVE-2022-48919: kernel: cifs: fix double free race when mount fails in cifs_get_root()</issue>
<issue id="1229658" tracker="bnc">VUL-0: CVE-2022-48920: kernel: btrfs: get rid of warning on transaction commit when using flushoncommit</issue>
<issue id="1229662" tracker="bnc">VUL-0: CVE-2022-48923: kernel: btrfs: prevent copying too big compressed lzo segment</issue>
<issue id="1229664" tracker="bnc">VUL-0: CVE-2022-48938: kernel: CDC-NCM: avoid overflow in sanity checking</issue>
<issue id="1229707" tracker="bnc">VUL-0: CVE-2024-43883: kernel: usb: vhci-hcd: do not drop references before new references are gained</issue>
<issue id="1229739" tracker="bnc">VUL-0: CVE-2024-43884: kernel: Bluetooth: MGMT: add error handling to pair_device()</issue>
<issue id="1229743" tracker="bnc">VUL-0: CVE-2024-43889: kernel: padata: fix possible divide-by-0 panic in padata_mt_helper()</issue>
<issue id="1229746" tracker="bnc">VUL-0: CVE-2024-43894: kernel: drm/client: fix null pointer dereference in drm_client_modeset_probe</issue>
<issue id="1229754" tracker="bnc">VUL-0: CVE-2024-43899: kernel: drm/amd/display: Fix null pointer deref in dcn20_resource.c</issue>
<issue id="1229755" tracker="bnc">VUL-0: CVE-2024-43895: kernel: drm/amd/display: skip recompute dsc params if no stream on link</issue>
<issue id="1229756" tracker="bnc">VUL-0: CVE-2024-43900: kernel: media: xc2028: avoid use-after-free in load_firmware_cb()</issue>
<issue id="1229759" tracker="bnc">VUL-0: CVE-2024-43893: kernel: serial: core: check uartclk for zero to avoid divide by zero</issue>
<issue id="1229761" tracker="bnc">VUL-0: CVE-2024-43892: kernel: memcg: protect concurrent access to mem_cgroup_idr</issue>
<issue id="1229767" tracker="bnc">VUL-0: CVE-2024-43902: kernel: drm/amd/display: add null checker before passing variables</issue>
<issue id="1229768" tracker="bnc">VUL-0: CVE-2024-43904: kernel: drm/amd/display: add null checks for 'stream' and 'plane' before dereferencing</issue>
<issue id="1229781" tracker="bnc">VUL-0: CVE-2024-43903: kernel: drm/amd/display: add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update</issue>
<issue id="1229784" tracker="bnc">VUL-0: CVE-2024-43905: kernel: drm/amd/pm: fix the null pointer dereference for vega10_hwmgr</issue>
<issue id="1229787" tracker="bnc">VUL-0: CVE-2024-43907: kernel: drm/amdgpu/pm: fix the null pointer dereference in apply_state_adjust_rules</issue>
<issue id="1229788" tracker="bnc">VUL-0: CVE-2024-43908: kernel: drm/amdgpu: fix the null pointer dereference to ras_manager</issue>
<issue id="1229789" tracker="bnc">VUL-0: CVE-2024-43909: kernel: drm/amdgpu/pm: fix the null pointer dereference for smu7</issue>
<issue id="1229792" tracker="bnc">VUL-0: CVE-2024-44938: kernel: jfs: fix shift-out-of-bounds in dbDiscardAG</issue>
<issue id="1229820" tracker="bnc">VUL-0: CVE-2024-44939: kernel: jfs: fix null ptr deref in dtInsertEntry</issue>
<issue id="2024-35902" tracker="cve" />
<issue id="2023-52904" tracker="cve" />
<issue id="2022-48889" tracker="cve" />
<issue id="2024-43818" tracker="cve" />
<issue id="2024-42302" tracker="cve" />
<issue id="2024-43823" tracker="cve" />
<issue id="2024-43872" tracker="cve" />
<issue id="2024-42285" tracker="cve" />
<issue id="2024-42274" tracker="cve" />
<issue id="2022-48939" tracker="cve" />
<issue id="2022-48940" tracker="cve" />
<issue id="2022-48923" tracker="cve" />
<issue id="2024-43871" tracker="cve" />
<issue id="2024-43856" tracker="cve" />
<issue id="2024-43903" tracker="cve" />
<issue id="2024-43895" tracker="cve" />
<issue id="2024-43905" tracker="cve" />
<issue id="2023-52908" tracker="cve" />
<issue id="2024-43908" tracker="cve" />
<issue id="2023-52912" tracker="cve" />
<issue id="2024-43909" tracker="cve" />
<issue id="2024-43907" tracker="cve" />
<issue id="2024-43894" tracker="cve" />
<issue id="2024-42310" tracker="cve" />
<issue id="2024-42309" tracker="cve" />
<issue id="2023-52913" tracker="cve" />
<issue id="2022-48893" tracker="cve" />
<issue id="2022-48888" tracker="cve" />
<issue id="2024-43867" tracker="cve" />
<issue id="2024-43829" tracker="cve" />
<issue id="2024-43863" tracker="cve" />
<issue id="2022-40133" tracker="cve" />
<issue id="2022-38457" tracker="cve" />
<issue id="2022-48887" tracker="cve" />
<issue id="2021-47546" tracker="cve" />
<issue id="2024-40980" tracker="cve" />
<issue id="2024-42315" tracker="cve" />
<issue id="2024-31076" tracker="cve" />
<issue id="2024-42311" tracker="cve" />
<issue id="2022-48886" tracker="cve" />
<issue id="2022-48885" tracker="cve" />
<issue id="2023-52910" tracker="cve" />
<issue id="2024-43858" tracker="cve" />
<issue id="2024-42292" tracker="cve" />
<issue id="2024-43830" tracker="cve" />
<issue id="2024-43846" tracker="cve" />
<issue id="2024-42313" tracker="cve" />
<issue id="2024-43892" tracker="cve" />
<issue id="2022-48910" tracker="cve" />
<issue id="2024-41036" tracker="cve" />
<issue id="2024-35971" tracker="cve" />
<issue id="2024-36962" tracker="cve" />
<issue id="2022-48884" tracker="cve" />
<issue id="2022-48882" tracker="cve" />
<issue id="2022-48883" tracker="cve" />
<issue id="2023-52909" tracker="cve" />
<issue id="2024-42276" tracker="cve" />
<issue id="2024-43889" tracker="cve" />
<issue id="2022-48881" tracker="cve" />
<issue id="2024-41065" tracker="cve" />
<issue id="2024-42320" tracker="cve" />
<issue id="2024-43816" tracker="cve" />
<issue id="2024-42287" tracker="cve" />
<issue id="2024-42289" tracker="cve" />
<issue id="2024-42288" tracker="cve" />
<issue id="2024-42286" tracker="cve" />
<issue id="2024-43879" tracker="cve" />
<issue id="2024-43842" tracker="cve" />
<issue id="2022-48917" tracker="cve" />
<issue id="2022-48878" tracker="cve" />
<issue id="2022-48938" tracker="cve" />
<issue id="2022-48943" tracker="cve" />
<issue id="2022-48925" tracker="cve" />
<issue id="2022-48930" tracker="cve" />
<issue id="2022-48869" tracker="cve" />
<issue id="2022-48907" tracker="cve" />
<issue id="2022-48913" tracker="cve" />
<issue id="2022-48929" tracker="cve" />
<issue id="2023-52896" tracker="cve" />
<issue id="2022-48903" tracker="cve" />
<issue id="2024-43853" tracker="cve" />
<issue id="2022-48919" tracker="cve" />
<issue id="2022-48931" tracker="cve" />
<issue id="2022-48868" tracker="cve" />
<issue id="2023-52911" tracker="cve" />
<issue id="2022-48898" tracker="cve" />
<issue id="2022-48899" tracker="cve" />
<issue id="2023-52893" tracker="cve" />
<issue id="2022-48942" tracker="cve" />
<issue id="2022-48905" tracker="cve" />
<issue id="2022-48941" tracker="cve" />
<issue id="2022-48928" tracker="cve" />
<issue id="2022-48927" tracker="cve" />
<issue id="2022-48937" tracker="cve" />
<issue id="2022-48904" tracker="cve" />
<issue id="2022-48916" tracker="cve" />
<issue id="2022-48918" tracker="cve" />
<issue id="2022-48896" tracker="cve" />
<issue id="2022-48873" tracker="cve" />
<issue id="2022-48872" tracker="cve" />
<issue id="2022-48932" tracker="cve" />
<issue id="2022-48909" tracker="cve" />
<issue id="2023-52907" tracker="cve" />
<issue id="2022-48934" tracker="cve" />
<issue id="2023-52900" tracker="cve" />
<issue id="2023-52905" tracker="cve" />
<issue id="2022-48880" tracker="cve" />
<issue id="2022-48891" tracker="cve" />
<issue id="2022-48921" tracker="cve" />
<issue id="2022-48890" tracker="cve" />
<issue id="2021-4441" tracker="cve" />
<issue id="2022-48915" tracker="cve" />
<issue id="2022-48924" tracker="cve" />
<issue id="2022-48870" tracker="cve" />
<issue id="2022-48871" tracker="cve" />
<issue id="2023-52894" tracker="cve" />
<issue id="2022-48926" tracker="cve" />
<issue id="2023-52901" tracker="cve" />
<issue id="2022-48875" tracker="cve" />
<issue id="2022-48914" tracker="cve" />
<issue id="2023-52898" tracker="cve" />
<issue id="2024-41011" tracker="cve" />
<issue id="2024-42230" tracker="cve" />
<issue id="2024-42077" tracker="cve" />
<issue id="2024-42097" tracker="cve" />
<issue id="2024-42074" tracker="cve" />
<issue id="2024-42089" tracker="cve" />
<issue id="2024-42137" tracker="cve" />
<issue id="2024-42080" tracker="cve" />
<issue id="2024-41035" tracker="cve" />
<issue id="2024-42244" tracker="cve" />
<issue id="2024-41098" tracker="cve" />
<issue id="2024-41000" tracker="cve" />
<issue id="2023-52458" tracker="cve" />
<issue id="2024-41045" tracker="cve" />
<issue id="2024-42239" tracker="cve" />
<issue id="2024-42229" tracker="cve" />
<issue id="2024-42098" tracker="cve" />
<issue id="2024-42121" tracker="cve" />
<issue id="2024-42120" tracker="cve" />
<issue id="2024-42119" tracker="cve" />
<issue id="2024-41022" tracker="cve" />
<issue id="2024-41093" tracker="cve" />
<issue id="2024-41092" tracker="cve" />
<issue id="2024-42127" tracker="cve" />
<issue id="2024-41095" tracker="cve" />
<issue id="2024-41089" tracker="cve" />
<issue id="2024-42101" tracker="cve" />
<issue id="2024-42087" tracker="cve" />
<issue id="2024-41060" tracker="cve" />
<issue id="2024-41039" tracker="cve" />
<issue id="2024-41038" tracker="cve" />
<issue id="2024-42238" tracker="cve" />
<issue id="2024-41056" tracker="cve" />
<issue id="2024-42237" tracker="cve" />
<issue id="2024-42092" tracker="cve" />
<issue id="2024-42086" tracker="cve" />
<issue id="2024-42115" tracker="cve" />
<issue id="2024-42223" tracker="cve" />
<issue id="2024-42069" tracker="cve" />
<issue id="2024-42076" tracker="cve" />
<issue id="2023-52887" tracker="cve" />
<issue id="2024-42130" tracker="cve" />
<issue id="2024-42104" tracker="cve" />
<issue id="2024-41073" tracker="cve" />
<issue id="2024-41079" tracker="cve" />
<issue id="2024-42152" tracker="cve" />
<issue id="2024-41016" tracker="cve" />
<issue id="2024-42143" tracker="cve" />
<issue id="2024-42090" tracker="cve" />
<issue id="2024-42126" tracker="cve" />
<issue id="2024-41097" tracker="cve" />
<issue id="2024-42085" tracker="cve" />
<issue id="2024-42236" tracker="cve" />
<issue id="2024-42114" tracker="cve" />
<issue id="2024-42225" tracker="cve" />
<issue id="2024-42240" tracker="cve" />
<issue id="2024-44947" tracker="cve" />
<issue id="2024-36936" tracker="cve" />
<issue id="2022-48706" tracker="cve" />
<issue id="2024-43883" tracker="cve" />
<issue id="2024-41062" tracker="cve" />
<issue id="2024-43861" tracker="cve" />
<issue id="2024-36270" tracker="cve" />
<issue id="2023-52489" tracker="cve" />
<issue id="2024-43893" tracker="cve" />
<issue id="2024-43821" tracker="cve" />
<issue id="2024-43900" tracker="cve" />
<issue id="2024-44938" tracker="cve" />
<issue id="2024-44939" tracker="cve" />
<issue id="2024-41087" tracker="cve" />
<issue id="2024-42277" tracker="cve" />
<issue id="2024-43902" tracker="cve" />
<issue id="2024-43904" tracker="cve" />
<issue id="2024-43880" tracker="cve" />
<issue id="2024-43884" tracker="cve" />
<issue id="2024-43899" tracker="cve" />
<issue id="2022-48920" tracker="cve" />
<issue id="2023-52906" tracker="cve" />
<issue id="2024-43882" tracker="cve" />
<issue id="2024-43866" tracker="cve" />
<issue id="2024-26812" tracker="cve" />
<issue id="2022-48912" tracker="cve" />
<issue id="2024-27010" tracker="cve" />
<issue id="2022-48906" tracker="cve" />
<issue id="2024-42155" tracker="cve" />
<issue id="2024-42156" tracker="cve" />
<issue id="2023-52899" tracker="cve" />
<issue id="2024-42158" tracker="cve" />
<issue id="2024-26631" tracker="cve" />
<issue id="2024-43873" tracker="cve" />
<issue id="2024-40905" tracker="cve" />
<issue id="2024-39489" tracker="cve" />
<issue id="2021-47106" tracker="cve" />
<issue id="2021-47517" tracker="cve" />
<issue id="2024-36489" tracker="cve" />
<issue id="2024-41020" tracker="cve" />
<issue id="2024-27079" tracker="cve" />
<issue id="2024-35897" tracker="cve" />
<issue id="2024-27403" tracker="cve" />
<issue id="2024-27011" tracker="cve" />
<issue id="2024-43819" tracker="cve" />
<issue id="2024-26668" tracker="cve" />
<issue id="2024-26835" tracker="cve" />
<issue id="2024-26808" tracker="cve" />
<issue id="2024-27016" tracker="cve" />
<issue id="2024-35945" tracker="cve" />
<issue id="2023-52581" tracker="cve" />
<issue id="2024-36013" tracker="cve" />
<issue id="2024-43837" tracker="cve" />
<issue id="2024-42291" tracker="cve" />
<issue id="2024-42268" tracker="cve" />
<issue id="2024-43834" tracker="cve" />
<issue id="2024-36286" tracker="cve" />
<issue id="2024-26851" tracker="cve" />
<issue id="2024-42157" tracker="cve" />
<issue id="2024-26677" tracker="cve" />
<issue id="2024-36009" tracker="cve" />
<issue id="2023-52859" tracker="cve" />
<issue id="2024-42280" tracker="cve" />
<issue id="2024-42284" tracker="cve" />
<issue id="2024-42283" tracker="cve" />
<issue id="2024-42312" tracker="cve" />
<issue id="2024-43854" tracker="cve" />
<issue id="2024-42322" tracker="cve" />
<issue id="2024-42308" tracker="cve" />
<issue id="2024-42301" tracker="cve" />
<issue id="2024-42318" tracker="cve" />
<issue id="2024-26669" tracker="cve" />
<issue id="2023-52889" tracker="cve" />
<issue id="2022-48645" tracker="cve" />
<issue id="2024-41007" tracker="cve" />
<issue id="2024-36933" tracker="cve" />
<issue id="2024-42295" tracker="cve" />
<issue id="2024-42319" tracker="cve" />
<issue id="2024-43860" tracker="cve" />
<issue id="2024-43831" tracker="cve" />
<issue id="2024-43849" tracker="cve" />
<issue id="2024-43841" tracker="cve" />
<issue id="2024-43839" tracker="cve" />
<issue id="2024-41088" tracker="cve" />
<issue id="2024-42281" tracker="cve" />
<issue id="2024-42271" tracker="cve" />
<issue id="2024-41080" tracker="cve" />
<issue id="2024-42246" tracker="cve" />
<issue id="2024-42232" tracker="cve" />
<issue id="2024-26735" tracker="cve" />
<issue id="2024-42106" tracker="cve" />
<issue id="2024-38662" tracker="cve" />
<issue id="2024-42110" tracker="cve" />
<issue id="2024-42247" tracker="cve" />
<issue id="2022-48865" tracker="cve" />
<issue id="2023-52498" tracker="cve" />
<issue id="2024-41068" tracker="cve" />
<issue id="2022-48808" tracker="cve" />
<issue id="2024-42095" tracker="cve" />
<issue id="2024-40978" tracker="cve" />
<issue id="2024-42107" tracker="cve" />
<issue id="2024-42139" tracker="cve" />
<issue id="2024-42148" tracker="cve" />
<issue id="2024-42142" tracker="cve" />
<issue id="2024-42162" tracker="cve" />
<issue id="2024-42082" tracker="cve" />
<issue id="2024-41042" tracker="cve" />
<issue id="2023-3610" tracker="cve" />
<issue id="2024-42228" tracker="cve" />
<issue id="2024-40995" tracker="cve" />
<issue id="2024-38602" tracker="cve" />
<issue id="2024-38554" tracker="cve" />
<issue id="2024-36929" tracker="cve" />
<issue id="2024-41009" tracker="cve" />
<issue id="2024-27024" tracker="cve" />
<issue id="PED-8491" tracker="jsc" />
<issue id="PED-8779" tracker="jsc" />
<category>security</category>
<rating>important</rating>
<packager>olh</packager>
<reboot_needed/>
<description>
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
- CVE-2024-36936: Touch soft lockup during memory accept (bsc#1225773).
- CVE-2022-48706: Do proper cleanup if IFCVF init fails (bsc#1225524).
- CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
- CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
- CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326).
- CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759).
- CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315).
- CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756).
- CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792).
- CVE-2024-44939: fix null ptr deref in dtInsertEntry (bsc#1229820).
- CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466).
- CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409).
- CVE-2024-43902: Add null checker before passing variables (bsc#1229767).
- CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768)
- CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481).
- CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
- CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
- CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658).
- CVE-2023-52906: Fix warning during failed attribute validation (bsc#1229527).
- CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
- CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495).
- CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808).
- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
- CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720).
- CVE-2022-48906: Correctly set DATA_FIN timeout when number of retransmits is large (bsc#1229605)
- CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733).
- CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722).
- CVE-2023-52899: Add exception protection processing for vd in axi_chan_handle_err function (bsc#1229569).
- CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
- CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630).
- CVE-2024-43873: Always initialize seqpacket_allow (bsc#1229488)
- CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761)
- CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623)
- CVE-2021-47106: Fix use-after-free in nft_set_catchall_destroy() (bsc#1220962)
- CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225428).
- CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874)
- CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427).
- CVE-2024-27079: Fix NULL domain on device release (bsc#1223742).
- CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510).
- CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415).
- CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803).
- CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290 git-fixes).
- CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335).
- CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967).
- CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
- CVE-2024-27016: Validate pppoe header (bsc#1223807).
- CVE-2024-35945: Prevent nullptr exceptions on ISR (bsc#1224639).
- CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877).
- CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578).
- CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297).
- CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374).
- CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391).
- CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314)
- CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
- CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074)
- CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727 CVE-2024-42157 git-fixes).
- CVE-2024-26677: Blacklist e7870cf13d20 ("rxrpc: Fix delayed ACKs to not set the reference serial number") (bsc#1222387)
- CVE-2024-36009: Blacklist 467324bcfe1a ("ax25: Fix netdev refcount issue") (bsc#1224542)
- CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582).
- CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388)
- CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
- CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383)
- CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357)
- CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345)
- CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347)
- CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407).
- CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351).
- CVE-2024-26669: Fix chain template offload (bsc#1222350).
- CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287,).
- CVE-2022-48645: Move enetc_set_psfp() out of the common enetc_set_features() (bsc#1223508).
- CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
- CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832).
- CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370).
- CVE-2024-42319: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (bsc#1229350).
- CVE-2024-43860: Skip over memory region when node value is NULL (bsc#1229319).
- CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309).
- CVE-2024-43849: Protect locator_addr with the main mutex (bsc#1229307).
- CVE-2024-43841: Do not use strlen() in const context (bsc#1229304).
- CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
- CVE-2024-41088: Fix infinite loop when xmit fails (bsc#1228469).
- CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386).
- CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
- CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616).
- CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
- CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
- CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372).
- CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
- CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
- CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
- CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988).
- CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065).
- CVE-2023-52498: Fix possible deadlocks in core system-wide PM code (bsc#1221269).
- CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579).
- CVE-2022-48808: Fix panic when DSA master device unbinds on shutdown (bsc#1227958).
- CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446).
- CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929).
- CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494).
- CVE-2024-42139: Fix improper extts handling (bsc#1228503).
- CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
- CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491).
- CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706).
- CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
- CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
- CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213580).
- CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667).
- CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
- CVE-2024-38602: Merge repeat codes in ax25_dev_device_down() (git-fixes CVE-2024-38602 bsc#1226613).
- CVE-2024-38554: Fix reference count leak issue of net_device (bsc#1226742).
- CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814).
- CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020).
- CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777).
The following non-security bugs were fixed:
- ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).
- ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).
- ACPI: bus: Rework system-level device notification handling (git-fixes).
- ACPI: thermal: Drop nocrt parameter (git-fixes).
- ACPI: x86: s2idle: Post-increment variables when getting constraints (git-fixes).
- afs: Do not cross .backup mountpoint from backup volume (git-fixes).
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
- ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git-fixes).
- ALSA: line6: Fix racy access to midibuf (stable-fixes).
- ALSA: timer: Relax start tick time check for slave timer elements (git-fixes).
- ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable-fixes).
- ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
- ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes).
- ALSA: usb: Fix UBSAN warning in parse_audio_unit() (stable-fixes).
- arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes)
- arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes)
- arm64: Add Neoverse-V2 part (git-fixes)
- arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes)
- arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes)
- arm64: barrier: Restore spec_bar() macro (git-fixes)
- arm64: cpufeature: Add missing .field_width for GIC system registers (git-fixes)
- arm64: cpufeature: Fix the visibility of compat hwcaps (git-fixes)
- arm64: cpufeature: Force HWCAP to be based on the sysreg visible to (git-fixes)
- arm64: cputype: Add Cortex-A720 definitions (git-fixes)
- arm64: cputype: Add Cortex-A725 definitions (git-fixes)
- arm64: cputype: Add Cortex-X1C definitions (git-fixes)
- arm64: cputype: Add Cortex-X3 definitions (git-fixes)
- arm64: cputype: Add Cortex-X4 definitions (git-fixes)
- arm64: cputype: Add Cortex-X925 definitions (git-fixes)
- arm64: cputype: Add Neoverse-V3 definitions (git-fixes)
- arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes)
- arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes)
- arm64: errata: Add workaround for Arm errata 3194386 and 3312417 (git-fixes)
- arm64: errata: Expand speculative SSBS workaround (again) (git-fixes)
- arm64: errata: Expand speculative SSBS workaround (git-fixes)
- arm64: errata: Unify speculative SSBS errata logic (git-fixes) Also update default configuration.
- arm64: Fix KASAN random tag seed initialization (git-fixes)
- arm64: Fix KASAN random tag seed initialization (git-fixes)
- ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
- ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
- async: Introduce async_schedule_dev_nocall() (bsc#1221269).
- async: Split async_schedule_node_domain() (bsc#1221269).
- Bluetooth: Fix usage of __hci_cmd_sync_status (git-fixes).
- Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes).
- Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (git-fixes).
- Bluetooth: L2CAP: Fix deadlock (git-fixes).
- bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903).
- bpf: kprobe: remove unused declaring of bpf_kprobe_override (git-fixes).
- btrfs: fix leak of qgroup extent records after transaction abort (git-fixes).
- btrfs: make btrfs_destroy_delayed_refs() return void (git-fixes).
- btrfs: remove unnecessary prototype declarations at disk-io.c (git-fixes).
- btrfs: sysfs: update fs features directory asynchronously (bsc#1226168).
- cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229418).
- ceph: issue a cap release immediately if no cap exists (bsc#1225162).
- ceph: periodically flush the cap releases (bsc#1225162).
- cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
- cpuidle, ACPI: Evaluate LPI arch_flags for broadcast timer (git-fixes).
- docs: KVM: Fix register ID of SPSR_FIQ (git-fixes).
- drm: add missing MODULE_DESCRIPTION() macros (stable-fixes).
- drm: panel-orientation-quirks: Add labels for both Valve Steam Deck revisions (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for Aya Neo KUN (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Tab 3 X90F (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for Nanote UMPC-01 (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for OrangePi Neo (stable-fixes).
- drm/amd/amdgpu/imu_v11_0: Increase buffer size to ensure all possible values can be stored (stable-fixes).
- drm/amd/display: Add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update (stable-fixes).
- drm/amd/display: avoid using null object of framebuffer (git-fixes).
- drm/amd/display: Fix && vs || typos (git-fixes).
- drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable-fixes).
- drm/amd/display: Validate hw_points_num before using it (stable-fixes).
- drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable-fixes).
- drm/amdgpu: Actually check flags for all context ops (stable-fixes).
- drm/amdgpu: Add lock around VF RLCG interface (stable-fixes).
- drm/amdgpu: fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes).
- drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes).
- drm/amdgpu: Validate TA binary size (stable-fixes).
- drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes).
- drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes).
- drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes).
- drm/amdgpu/pm: Fix the param type of set_power_profile_mode (stable-fixes).
- drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes).
- drm/bridge: tc358768: Attempt to fix DSI horizontal timings (stable-fixes).
- drm/client: fix null pointer dereference in drm_client_modeset_probe (git-fixes).
- drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes).
- drm/lima: set gp bus_stop bit before hard reset (stable-fixes).
- drm/msm/dp: reset the link phy params before link training (git-fixes).
- drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (git-fixes).
- drm/msm/dpu: do not play tricks with debug macros (git-fixes).
- drm/tegra: Zero-initialize iosys_map (stable-fixes).
- exfat: fix inode->i_blocks for non-512 byte sector size device (git-fixes).
- exfat: fix potential deadlock on __exfat_get_dentry_set (git-fixes).
- exfat: redefine DIR_DELETED as the bad cluster number (git-fixes).
- exfat: support dynamic allocate bh for exfat_entry_set_cache (git-fixes).
- fs/netfs/fscache_cookie: add missing "n_accesses" check (bsc#1229453).
- fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
- genirq: Add might_sleep() to disable_irq() (git-fixes).
- genirq: Always limit the affinity to online CPUs (git-fixes).
- genirq: Do not return error on missing optional irq_request_resources() (git-fixes).
- genirq: Take the proposed affinity at face value if force==true (git-fixes).
- genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git-fixes).
- genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git-fixes).
- genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() (git-fixes).
- genirq/irqdesc: Do not try to remove non-existing sysfs files (git-fixes).
- genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (git-fixes).
- genirq/msi: Shutdown managed interrupts with unsatifiable affinities (git-fixes).
- gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git-fixes).
- hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes).
- i2c: smbus: Improve handling of stuck alerts (git-fixes).
- i2c: smbus: Send alert notifications to all devices if source not found (git-fixes).
- iommu/amd: Convert comma to semicolon (git-fixes).
- ip6_tunnel: Fix broken GRO (bsc#1229444).
- ipv6: sr: fix incorrect unregister order (git-fixes).
- irqdomain: Drop bogus fwspec-mapping error handling (git-fixes).
- irqdomain: Fix association race (git-fixes).
- irqdomain: Fix disassociation race (git-fixes).
- irqdomain: Fix domain registration race (git-fixes).
- irqdomain: Fix mapping-creation race (git-fixes).
- irqdomain: Fixed unbalanced fwnode get and put (git-fixes).
- irqdomain: Look for existing mapping only once (git-fixes).
- irqdomain: Refactor __irq_domain_alloc_irqs() (git-fixes).
- irqdomain: Report irq number for NOMAP domains (git-fixes).
- kprobes: Fix to check symbol prefixes correctly (git-fixes).
- lockd: move from strlcpy with unused retval to strscpy (git-fixes).
- memcg: protect concurrent access to mem_cgroup_idr (git-fixes).
- mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
- mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
- mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes).
- mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes).
- net: ks8851: Fix another TX stall caused by wrong ISR flag handling (git-fixes).
- net: ks8851: Fix deadlock with the SPI chip variant (git-fixes).
- net: ks8851: Fix potential TX stall after interface reopen (git-fixes).
- net: ks8851: Fix TX stall caused by TX buffer overrun (gix-fixes).
- net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530).
- net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154).
- net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git-fixes).
- net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086).
- net: remove two BUG() from skb_checksum_help() (bsc#1229312).
- net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes).
- net/rds: fix possible cp null dereference (git-fixes).
- net/sched: initialize noop_qdisc owner (git-fixes).
- nfc: pn533: Add poll mod list filling check (git-fixes).
- nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes).
- nfs: make the rpc_stat per net namespace (git-fixes).
- NFSD: add posix ACLs to struct nfsd_attrs (git-fixes).
- NFSD: add security label to struct nfsd_attrs (git-fixes).
- NFSD: fix regression with setting ACLs (git-fixes).
- NFSD: Fix strncpy() fortify warning (git-fixes).
- NFSD: Increase NFSD_MAX_OPS_PER_COMPOUND (git-fixes).
- NFSD: introduce struct nfsd_attrs (git-fixes).
- NFSD: move from strlcpy with unused retval to strscpy (git-fixes).
- NFSD: Optimize DRC bucket pruning (git-fixes).
- nfsd: return error if nfs4_setacl fails (git-fixes).
- NFSD: set attributes when creating symlinks (git-fixes).
- nfsd: use locks_inode_context helper (git-fixes).
- nilfs2: Remove check for PageError (git-fixes).
- nvme_core: scan namespaces asynchronously (bsc#1224105).
- ocfs2: use coarse time for new created files (git-fixes).
- padata: Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes).
- perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git-fixes).
- platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779).
- platform/x86/amd/hsmp: Cache pci_dev in struct hsmp_socket (jsc#PED-8779).
- platform/x86/amd/hsmp: Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779).
- platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779).
- platform/x86/amd/hsmp: Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779).
- platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779).
- platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779).
- platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779).
- platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779).
- platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779).
- platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779).
- platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779).
- platform/x86/amd/hsmp: switch to use device_add_groups() (jsc#PED-8779).
- power: supply: axp288_charger: Fix constant_charge_voltage writes (git-fixes).
- power: supply: axp288_charger: Round constant_charge_voltage writes down (git-fixes).
- powerpc: Fail build if using recordmcount with binutils v2.37 (bsc#1194869).
- powerpc: Mark .opd section read-only (bsc#1194869).
- powerpc: use generic version of arch_is_kernel_initmem_freed() (bsc#1194869).
- powerpc: xor_vmx: Add '-mhard-float' to CFLAGS (bsc#1194869).
- powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869).
- powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869).
- powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869).
- powerpc/kexec: make the update_cpus_node() function public (bsc#1194869).
- powerpc/kexec: split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869).
- powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869).
- powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869).
- powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869).
- powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
- powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" (bsc#1194869).
- RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes).
- RDMA/rxe: Fix incomplete state save in rxe_requester (git-fixes)
- RDMA/rxe: Fix rxe_modify_srq (git-fixes)
- RDMA/rxe: Move work queue code to subroutines (git-fixes)
- s390/cpacf: get rid of register asm (git-fixes bsc#1227079 bsc#1229187).
- s390/cpacf: Make use of invalid opcode produce a link error (git-fixes bsc#1227079).
- s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1229187).
- s390/dasd: fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229190).
- s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229573).
- s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229572).
- s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229188).
- spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes).
- RDMA/rxe: Handle zero length rdma (git-fixes)
- sunrpc: add a struct rpc_stats arg to rpc_create_args (git-fixes).
- SUNRPC: Fix a race to wake a sync task (git-fixes).
- swiotlb: fix swiotlb_bounce() to do partial sync's correctly (git-fixes).
- syscalls: fix compat_sys_io_pgetevents_time64 usage (git-fixes).
- tracing: Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes).
- ubifs: add check for crypto_shash_tfm_digest (git-fixes).
- ubifs: dbg_orphan_check: Fix missed key type checking (git-fixes).
- ubifs: Fix adding orphan entry twice for the same inode (git-fixes).
- ubifs: Fix unattached xattr inode if powercut happens after deleting (git-fixes).
- vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes).
- wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes).
- wifi: mwifiex: duplicate static structs used in driver instances (git-fixes).
- x86/APM: drop the duplicate APM_MINOR_DEV macro (git-fixes).
- x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (git-fixes).
- x86/mm: Fix pti_clone_entry_text() for i386 (git-fixes).
- x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes).
- x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes).
- xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes).
- xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes).
- xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes).
- xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes).
- xprtrdma: Fix rpcrdma_reqs_reset() (git-fixes).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
