Vulnerability from csaf_suse
Published
2022-08-25 09:08
Modified
2022-08-25 09:08
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-2639: Fixed integer underflow that could lead to out-of-bounds write in reserve_sfa_size() (bsc#1202154).
- CVE-2020-36516: Fixed TCP session data injection vulnerability via the mixed IPID assignment method (bnc#1196616).
- CVE-2022-36946: Fixed an incorrect packet trucation operation which could lead to denial of service (bnc#1201940).
- CVE-2022-29581: Fixed improper update of Reference Count in net/sched that could cause root privilege escalation (bnc#1199665).
- CVE-2022-20166: Fixed several possible memory safety issues due to unsafe operations (bsc#1200598).
- CVE-2020-36558: Fixed a race condition involving VT_RESIZEX which could lead to a NULL pointer dereference and general protection fault (bnc#1200910).
- CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl and closing/opening of TTYs could lead to a use-after-free (bnc#1201429).
- CVE-2022-21505: Fixed kexec lockdown bypass with IMA policy (bsc#1201458).
- CVE-2021-33656: Fixed memory out of bounds write related to ioctl cmd PIO_FONT (bnc#1201636).
- CVE-2021-33655: Fixed out of bounds write with ioctl FBIOPUT_VSCREENINFO (bnc#1201635).
- CVE-2022-1462: Fixed an out-of-bounds read flaw in the TTY subsystem (bnc#1198829).
- CVE-2022-1116: Fixed a integer overflow vulnerability in io_uring which allowed a local attacker to cause memory corruption and escalate privileges to root (bnc#1199647).
- CVE-2022-2318: Fixed a use-after-free vulnerability in the timer handler in Rose subsystem that allowed unprivileged attackers to crash the system (bsc#1201251).
- CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed multiple potential data leaks with Block and Network devices when using untrusted backends (bsc#1200762).
The following non-security bugs were fixed:
- Fix bsc#1201644, bsc#1201664, bsc#1201672, bsc#1201673, bsc#1201676 All are reports of the same problem - the IBRS_* regs push/popping was wrong but it needs 1b331eeea7b8 ('x86/entry: Remove skip_r11rcx') too.
- ACPI: APEI: Better fix to avoid spamming the console with old error logs (git-fixes).
- ACPI: CPPC: Do not prevent CPPC from working in the future (git-fixes).
- ACPI: video: Shortening quirk list by identifying Clevo by board_name only (git-fixes).
- ALSA: hda - Add fixup for Dell Latitidue E5430 (git-fixes).
- ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model (git-fixes).
- ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop (git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221 (git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes).
- ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array (git-fixes).
- ASoC: Intel: Skylake: Correct the ssp rate discovery in skl_get_ssp_clks() (git-fixes).
- ASoC: Remove unused hw_write_t type (git-fixes).
- ASoC: cs47l15: Fix event generation for low power mux control (git-fixes).
- ASoC: madera: Fix event generation for OUT1 demux (git-fixes).
- ASoC: madera: Fix event generation for rate controls (git-fixes).
- ASoC: ops: Fix off by one in range control validation (git-fixes).
- ASoC: sgtl5000: Fix noise on shutdown/remove (git-fixes).
- ASoC: wm5110: Fix DRE control (git-fixes).
- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put (git-fixes).
- Bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).
- Fixed a regression where smart batteries would not be detected on Mac (bsc#1201206).
- Fixed an issue where qla2xxx would prevent nvme port discovery (bsc#1200651 bsc#1200644 bsc#1201954 bsc#1201958).
- FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR (git-fixes).
- FDDI: defxx: Make MMIO the configuration default except for EISA (git-fixes).
- Fix 1201644, 1201664, 1201672, 1201673, 1201676 All are reports of the same problem - the IBRS_* regs push/popping was wrong but it needs 1b331eeea7b8 ('x86/entry: Remove skip_r11rcx') too.
- HID: cp2112: prevent a buffer overflow in cp2112_xfer() (git-fixes).
- KVM: VMX: Add non-canonical check on writes to RTIT address MSRs (git-fixes).
- KVM: VMX: Do not freeze guest when event delivery causes an APIC-access exit (git-fixes).
- KVM: apic: avoid calculating pending eoi from an uninitialized val (git-fixes).
- KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and CPTR_EL2 (bsc#1201442)
- KVM: arm64: Fix definition of PAGE_HYP_DEVICE (git-fixes)
- KVM: emulate: do not adjust size of fastop and setcc subroutines (bsc#1201930).
- KVM: nVMX: avoid NULL pointer dereference with incorrect EVMCS GPAs (git-fixes).
- KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1 (git-fixes).
- KVM: x86: Do not let userspace set host-reserved cr4 bits (git-fixes).
- KVM: x86: Fix split-irqchip vs interrupt injection window request (git-fixes).
- KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks (git-fixes).
- KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint (git-fixes).
- NFC: nxp-nci: do not print header length mismatch on i2c error (git-fixes).
- PCI/portdrv: Do not disable AER reporting in get_port_device_capability() (git-fixes).
- PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git-fixes).
- PCI: dwc: Always enable CDM check if 'snps,enable-cdm-check' exists (git-fixes).
- PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors (git-fixes).
- PCI: dwc: Disable outbound windows only for controllers using iATU (git-fixes).
- PCI: dwc: Stop link on host_init errors and de-initialization (git-fixes).
- PCI: qcom: Power on PHY before IPQ8074 DBI register accesses (git-fixes).
- PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks (git-fixes).
- PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep() (git-fixes).
- PCI: tegra194: Fix Root Port interrupt handling (git-fixes).
- PCI: tegra194: Fix link up retry sequence (git-fixes).
- PM: runtime: Remove link state checks in rpm_get/put_supplier() (git-fixes).
- USB: Follow-up to SPDX identifiers addition - remove now useless comments (git-fixes).
- USB: serial: fix tty-port initialized comments (git-fixes).
- USB: serial: ftdi_sio: add Belimo device ids (git-fixes).
- arm64 module: set plt* section addresses to 0x0 (git-fixes)
- arm64: asm: Add new-style position independent function annotations (git-fixes)
- arm64: compat: Ensure upper 32 bits of x0 are zero on syscall return (git-fixes)
- arm64: dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function (git-fixes)
- arm64: dts: marvell: espressobin: Add ethernet switch aliases (git-fixes)
- arm64: dts: marvell: espressobin: add ethernet alias (git-fixes)
- arm64: dts: mcbin: support 2W SFP modules (git-fixes)
- arm64: fix compat syscall return truncation (git-fixes)
- arm64: fix inline asm in load_unaligned_zeropad() (git-fixes)
- arm64: mm: Do not invalidate FROM_DEVICE buffers at start of DMA (git-fixes)
- arm64: module: remove (NOLOAD) from linker script (git-fixes)
- arm64: module: rework special section handling (git-fixes)
- arm64: perf: Report the PC value in REGS_ABI_32 mode (git-fixes)
- arm64: ptrace: Consistently use pseudo-singlestep exceptions (git-fixes)
- arm64: ptrace: Override SPSR.SS when single-stepping is enabled (git-fixes)
- arm64: stackleak: fix current_top_of_stack() (git-fixes)
- arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing (git-fixes)
- arm64: vdso: Avoid ISB after reading from cntvct_el0 (git-fixes)
- ath10k: Fix error handling in ath10k_setup_msa_resources (git-fixes).
- ath10k: do not enforce interrupt trigger type (git-fixes).
- ax88179_178a: add ethtool_op_get_ts_info() (git-fixes).
- blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN (git-fixes).
- blk-zoned: allow zone management send operations without CAP_SYS_ADMIN (git-fixes).
- block/compat_ioctl: fix range check in BLKGETSIZE (git-fixes).
- block: Fix fsync always failed if once failed (git-fixes).
- block: Fix wrong offset in bio_truncate() (git-fixes).
- block: bio-integrity: Advance seed correctly for larger interval sizes (git-fixes).
- block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit (git-fixes).
- bpf, cpumap: Remove rcpu pointer from cpu_map_build_skb signature (bsc#1199364).
- bpf: enable BPF type format (BTF) (jsc#SLE-24559).
- bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe() (git-fixes).
- can: Break loopback loop on loopback documentation (git-fixes).
- can: error: specify the values of data[5..7] of CAN error frames (git-fixes).
- can: gs_usb: gs_usb_open/close(): fix memory leak (git-fixes).
- can: hi311x: do not report txerr and rxerr during bus-off (git-fixes).
- can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off (git-fixes).
- can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off (git-fixes).
- can: m_can: process interrupt only when not runtime suspended (git-fixes).
- can: pch_can: do not report txerr and rxerr during bus-off (git-fixes).
- can: pch_can: pch_can_error(): initialize errc before using it (git-fixes).
- can: rcar_can: do not report txerr and rxerr during bus-off (git-fixes).
- can: sja1000: do not report txerr and rxerr during bus-off (git-fixes).
- can: sun4i_can: do not report txerr and rxerr during bus-off (git-fixes).
- can: usb_8dev: do not report txerr and rxerr during bus-off (git-fixes).
- clk: qcom: camcc-sdm845: Fix topology around titan_top power domain (git-fixes).
- clk: qcom: clk-krait: unlock spin after mux completion (git-fixes).
- clk: qcom: ipq8074: SW workaround for UBI32 PLL lock (git-fixes).
- clk: qcom: ipq8074: fix NSS core PLL-s (git-fixes).
- clk: qcom: ipq8074: fix NSS port frequency tables (git-fixes).
- clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks (git-fixes).
- clk: renesas: r9a06g032: Fix UART clkgrp bitsel (git-fixes).
- cpuidle: PSCI: Move the `has_lpi` check to the beginning of the (git-fixes)
- crypto: qat - disable registration of algorithms (git-fixes).
- crypto: qat - fix memory leak in RSA (git-fixes).
- crypto: qat - remove dma_free_coherent() for DH (git-fixes).
- crypto: qat - remove dma_free_coherent() for RSA (git-fixes).
- crypto: qat - set to zero DH parameters before free (git-fixes).
- cxgb4: Fix the -Wmisleading-indentation warning (git-fixes).
- dm btree remove: assign new_root only when removal succeeds (git-fixes).
- dm btree remove: fix use after free in rebalance_children() (git-fixes).
- dm bufio: subtract the number of initial sectors in dm_bufio_get_device_size (git-fixes).
- dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() (git-fixes).
- dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS (git-fixes).
- dm crypt: make printing of the key constant-time (git-fixes).
- dm integrity: conditionally disable 'recalculate' feature (git-fixes).
- dm integrity: fix a crash if 'recalculate' used without 'internal_hash' (git-fixes).
- dm integrity: fix error code in dm_integrity_ctr() (git-fixes).
- dm integrity: fix memory corruption when tag_size is less than digest size (git-fixes).
- dm integrity: fix the maximum number of arguments (git-fixes).
- dm mirror log: round up region bitmap size to BITS_PER_LONG (git-fixes).
- dm persistent data: packed struct should have an aligned() attribute too (git-fixes).
- dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload sequences (git-fixes).
- dm snapshot: fix crash with transient storage and zero chunk size (git-fixes).
- dm snapshot: flush merged data before committing metadata (git-fixes).
- dm snapshot: properly fix a crash when an origin has no snapshots (git-fixes).
- dm space map common: fix division bug in sm_ll_find_free_block() (git-fixes).
- dm stats: add cond_resched when looping over entries (git-fixes).
- dm verity: fix FEC for RS roots unaligned to block size (git-fixes).
- dm: fix mempool NULL pointer race when completing IO (git-fixes).
- dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly (git-fixes).
- dmaengine: imx-sdma: Allow imx8m for imx7 FW revs (git-fixes).
- dmaengine: pl330: Fix lockdep warning about non-static key (git-fixes).
- dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate (git-fixes).
- dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate (git-fixes).
- do not call utsname() after ->nsproxy is NULL (bsc#1201196).
- drbd: fix potential silent data corruption (git-fixes).
- driver core: fix potential deadlock in __driver_attach (git-fixes).
- drivers/net: Fix kABI in tun.c (git-fixes).
- drivers: net: fix memory leak in atusb_probe (git-fixes).
- drivers: net: fix memory leak in peak_usb_create_dev (git-fixes).
- drm/amd/display: Enable building new display engine with KCOV enabled (git-fixes).
- drm/bridge: tc358767: Make sure Refclk clock are enabled (git-fixes).
- drm/doc: Fix comment typo (git-fixes).
- drm/exynos/exynos7_drm_decon: free resources when clk_set_parent() failed (git-fixes).
- drm/i915/gt: Serialize TLB invalidates with GT resets (git-fixes).
- drm/i915/selftests: fix a couple IS_ERR() vs NULL tests (git-fixes).
- drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() (git-fixes).
- drm/mcde: Fix refcount leak in mcde_dsi_bind (git-fixes).
- drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function (git-fixes).
- drm/mediatek: dpi: Only enable dpi after the bridge is enabled (git-fixes).
- drm/mediatek: dpi: Remove output format of YUV (git-fixes).
- drm/mipi-dbi: align max_chunk to 2 in spi_transfer (git-fixes).
- drm/msm/hdmi: enable core-vcc/core-vdda-supply for 8996 platform (git-fixes).
- drm/msm/mdp5: Fix global state lock backoff (git-fixes).
- drm/nouveau: fix another off-by-one in nvbios_addr (git-fixes).
- drm/panfrost: Fix shrinker list corruption by madvise IOCTL (git-fixes).
- drm/panfrost: Put mapping instead of shmem obj on panfrost_mmu_map_fault_addr() error (git-fixes).
- drm/radeon: fix incorrrect SPDX-License-Identifiers (git-fixes).
- drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() (git-fixes).
- drm/rockchip: Fix an error handling path rockchip_dp_probe() (git-fixes).
- drm/rockchip: vop: Do not crash for invalid duplicate_state() (git-fixes).
- drm/st7735r: Fix module autoloading for Okaya RH128128T (git-fixes).
- drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable iteration (git-fixes).
- drm/vc4: dsi: Correct DSI divider calculations (git-fixes).
- drm/vc4: dsi: Correct pixel order for DSI0 (git-fixes).
- drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes (git-fixes).
- drm/vc4: hdmi: Fix timings for interlaced modes (git-fixes).
- drm/vc4: plane: Fix margin calculations for the right/bottom edges (git-fixes).
- drm/vc4: plane: Remove subpixel positioning check (git-fixes).
- drm: adv7511: override i2c address of cec before accessing it (git-fixes).
- drm: bridge: adv7511: Add check for mipi_dsi_driver_register (git-fixes).
- drm: bridge: sii8620: fix possible off-by-one (git-fixes).
- fbcon: Disallow setting font bigger than screen size (git-fixes).
- fbcon: Prevent that screen size is smaller than font size (git-fixes).
- fbdev: fbmem: Fix logo center image dx issue (git-fixes).
- fbmem: Check virtual screen sizes in fb_set_var() (git-fixes).
- fpga: altera-pr-ip: fix unsigned comparison with less than zero (git-fixes).
- ftgmac100: Restart MAC HW once (git-fixes).
- gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data() (git-fixes).
- gpio: pca953x: only use single read/write for No AI mode (git-fixes).
- gpio: pca953x: use the correct range when do regmap sync (git-fixes).
- gpio: pca953x: use the correct register address when regcache sync during init (git-fixes).
- hex2bin: make the function hex_to_bin constant-time (git-fixes).
- hv_netvsc: Add (more) validation for untrusted Hyper-V values (bsc#1199364).
- hv_netvsc: Add comment of netvsc_xdp_xmit() (bsc#1199364).
- hv_netvsc: Add support for XDP_REDIRECT (bsc#1199364).
- hv_netvsc: Copy packets sent by Hyper-V out of the receive buffer (bsc#1199364).
- hv_netvsc: Fix validation in netvsc_linkstatus_callback() (bsc#1199364).
- i2c: Fix a potential use after free (git-fixes).
- i2c: cadence: Change large transfer count reset logic to be unconditional (git-fixes).
- i2c: cadence: Support PEC for SMBus block read (git-fixes).
- i2c: cadence: Unregister the clk notifier in error path (git-fixes).
- i2c: mux-gpmux: Add of_node_put() when breaking out of loop (git-fixes).
- ida: do not use BUG_ON() for debugging (git-fixes).
- igb: Enable RSS for Intel I211 Ethernet Controller (git-fixes).
- iio: accel: bma220: Fix alignment for DMA safety (git-fixes).
- iio: accel: sca3000: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7266: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7298: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7476: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7766: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7768-1: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7887: Fix alignment for DMA safety (git-fixes).
- iio: adc: hi8435: Fix alignment for DMA safety (git-fixes).
- iio: adc: ltc2497: Fix alignment for DMA safety (git-fixes).
- iio: adc: max1027: Fix alignment for DMA safety (git-fixes).
- iio: adc: max11100: Fix alignment for DMA safety (git-fixes).
- iio: adc: max1118: Fix alignment for DMA safety (git-fixes).
- iio: adc: mcp320x: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-adc0832: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-adc084s021: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-adc12138: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-adc128s052: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-adc161s626: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads124s08: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads7950: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads8344: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads8688: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-tlc4541: Fix alignment for DMA safety (git-fixes).
- iio: amplifiers: ad8366: Fix alignment for DMA safety (git-fixes).
- iio: core: Fix IIO_ALIGN and rename as it was not sufficiently large (git-fixes).
- iio: dac: ad5064: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5360: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5421: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5449: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5504: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5755: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5761: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5764: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5791: Fix alignment for DMA saftey (git-fixes).
- iio: dac: ad7303: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad8801: Fix alignment for DMA safety (git-fixes).
- iio: dac: mcp4922: Fix alignment for DMA safety (git-fixes).
- iio: dac: ti-dac082s085: Fix alignment for DMA safety (git-fixes).
- iio: dac: ti-dac5571: Fix alignment for DMA safety (git-fixes).
- iio: dac: ti-dac7311: Fix alignment for DMA safety (git-fixes).
- iio: dac: ti-dac7612: Fix alignment for DMA safety (git-fixes).
- iio: frequency: ad9523: Fix alignment for DMA safety (git-fixes).
- iio: frequency: adf4350: Fix alignment for DMA safety (git-fixes).
- iio: frequency: adf4371: Fix alignment for DMA safety (git-fixes).
- iio: gyro: adis16080: Fix alignment for DMA safety (git-fixes).
- iio: gyro: adis16130: Fix alignment for DMA safety (git-fixes).
- iio: gyro: adxrs450: Fix alignment for DMA safety (git-fixes).
- iio: gyro: fxas210002c: Fix alignment for DMA safety (git-fixes).
- iio: light: isl29028: Fix the warning in isl29028_remove() (git-fixes).
- iio: potentiometer: ad5272: Fix alignment for DMA safety (git-fixes).
- iio: potentiometer: max5481: Fix alignment for DMA safety (git-fixes).
- iio: potentiometer: mcp41010: Fix alignment for DMA safety (git-fixes).
- iio: potentiometer: mcp4131: Fix alignment for DMA safety (git-fixes).
- iio: proximity: as3935: Fix alignment for DMA safety (git-fixes).
- iio: resolver: ad2s1200: Fix alignment for DMA safety (git-fixes).
- iio: resolver: ad2s90: Fix alignment for DMA safety (git-fixes).
- ima: Fix a potential integer overflow in ima_appraise_measurement (git-fixes).
- ima: Fix potential memory leak in ima_init_crypto() (git-fixes).
- intel_th: Fix a resource leak in an error handling path (git-fixes).
- intel_th: msu-sink: Potential dereference of null pointer (git-fixes).
- intel_th: msu: Fix vmalloced buffers (git-fixes).
- kABI workaround for rtsx_usb (git-fixes).
- kvm/emulate: Fix SETcc emulation function offsets with SLS (bsc#1201930).
- lib/string.c: implement stpcpy (git-fixes).
- linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check (git-fixes).
- linux/random.h: Remove arch_has_random, arch_has_random_seed (git-fixes).
- linux/random.h: Use false with bool (git-fixes).
- lkdtm: Disable return thunks in rodata.c (bsc#1178134).
- macvlan: remove redundant null check on data (git-fixes).
- md/bitmap: wait for external bitmap writes to complete during tear down (git-fixes).
- md/raid0: Ignore RAID0 layout if the second zone has only one device (git-fixes).
- md: Set prev_flush_start and flush_bio in an atomic way (git-fixes).
- md: bcache: check the return value of kzalloc() in detached_dev_do_request() (git-fixes).
- media: hdpvr: fix error value returns in hdpvr_read (git-fixes).
- media: rc: increase rc-mm tolerance and add debug message (git-fixes).
- media: rtl28xxu: Add support for PROlectrix DV107669 DVB-T dongle (git-fixes).
- media: rtl28xxu: add missing sleep before probing slave demod (git-fixes).
- media: rtl28xxu: set keymap for Astrometa DVB-T2 (git-fixes).
- media: smipcie: fix interrupt handling and IR timeout (git-fixes).
- media: tw686x: Register the irq at the end of probe (git-fixes).
- media: usb: dvb-usb-v2: rtl28xxu: convert to use i2c_new_client_device() (git-fixes).
- media: v4l2-mem2mem: always consider OUTPUT queue during poll (git-fixes).
- media: v4l2-mem2mem: reorder checks in v4l2_m2m_poll() (git-fixes).
- mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init() (git-fixes).
- memregion: Fix memregion_free() fallback definition (git-fixes).
- memstick/ms_block: Fix a memory leak (git-fixes).
- memstick/ms_block: Fix some incorrect memory allocation (git-fixes).
- meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init (git-fixes).
- misc: rtsx: Fix an error handling path in rtsx_pci_probe() (git-fixes).
- misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer (git-fixes).
- misc: rtsx_usb: set return value in rsp_buf alloc err path (git-fixes).
- misc: rtsx_usb: use separate command and response buffers (git-fixes).
- mm: fix page reference leak in soft_offline_page() (git fixes (mm/memory-failure)).
- mmc: cavium-octeon: Add of_node_put() when breaking out of loop (git-fixes).
- mmc: cavium-thunderx: Add of_node_put() when breaking out of loop (git-fixes).
- mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R (git-fixes).
- mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch (git-fixes).
- mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle (git-fixes).
- mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg (git-fixes).
- net, xdp: Introduce __xdp_build_skb_from_frame utility routine (bsc#1199364).
- net, xdp: Introduce xdp_build_skb_from_frame utility routine (bsc#1199364).
- net/mlx5e: When changing XDP program without reset, take refs for XSK RQs (git-fixes).
- net/sonic: Fix a resource leak in an error handling path in 'jazz_sonic_probe()' (git-fixes).
- net/sonic: Fix some resource leaks in error handling paths (git-fixes).
- net: ag71xx: remove unnecessary MTU reservation (git-fixes).
- net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes).
- net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning (git-fixes).
- net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP (git-fixes).
- net: amd-xgbe: Reset link when the link never comes back (git-fixes).
- net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout (git-fixes).
- net: axienet: Handle deferred probe on clock properly (git-fixes).
- net: dsa: b53: fix an off by one in checking 'vlan->vid' (git-fixes).
- net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port (git-fixes).
- net: dsa: bcm_sf2: put device node before return (git-fixes).
- net: dsa: lantiq_gswip: Exclude RMII from modes that report 1 GbE (git-fixes).
- net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock (git-fixes).
- net: enetc: fix incorrect TPID when receiving 802.1ad tagged packets (git-fixes).
- net: enetc: keep RX ring consumer index in sync with hardware (git-fixes).
- net: evaluate net.ipv4.conf.all.proxy_arp_pvlan (git-fixes).
- net: evaluate net.ipvX.conf.all.ignore_routes_with_linkdown (git-fixes).
- net: ftgmac100: Fix crash when removing driver (git-fixes).
- net: hdlc_x25: Return meaningful error code in x25_open (git-fixes).
- net: hns3: fix error mask definition of flow director (git-fixes).
- net: hso: bail out on interrupt URB allocation failure (git-fixes).
- net: lapbether: Prevent racing when checking whether the netif is running (git-fixes).
- net: lapbether: Remove netif_start_queue / netif_stop_queue (git-fixes).
- net: ll_temac: Fix potential NULL dereference in temac_probe() (git-fixes).
- net: ll_temac: Use devm_platform_ioremap_resource_byname() (git-fixes).
- net: macb: add function to disable all macb clocks (git-fixes).
- net: macb: restore cmp registers on resume path (git-fixes).
- net: macb: unprepare clocks in case of failure (git-fixes).
- net: mscc: Fix OF_MDIO config check (git-fixes).
- net: mvneta: Remove per-cpu queue mapping for Armada 3700 (git-fixes).
- net: mvpp2: fix interrupt mask/unmask skip condition (git-fixes).
- net: rose: fix UAF bug caused by rose_t0timer_expiry (git-fixes).
- net: stmmac: Modify configuration method of EEE timers (git-fixes).
- net: stmmac: Use resolved link config in mac_link_up() (git-fixes).
- net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes (git-fixes).
- net: stmmac: dwmac1000: provide multicast filter fallback (git-fixes).
- net: stmmac: fix CBS idleslope and sendslope calculation (git-fixes).
- net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10 (git-fixes).
- net: stmmac: fix watchdog timeout during suspend/resume stress test (git-fixes).
- net: stmmac: stop each tx channel independently (git-fixes).
- net: tun: set tun->dev->addr_len during TUNSETLINK processing (git-fixes).
- net: usb: ax88179_178a: add Allied Telesis AT-UMCs (git-fixes).
- net: usb: ax88179_178a: add MCT usb 3.0 adapter (git-fixes).
- net: usb: ax88179_178a: add Toshiba usb 3.0 adapter (git-fixes).
- net: usb: ax88179_178a: remove redundant assignment to variable ret (git-fixes).
- net: usb: ax88179_178a: write mac to hardware in get_mac_addr (git-fixes).
- net: usb: qmi_wwan: add Telit 0x1060 composition (git-fixes).
- net: usb: qmi_wwan: add Telit 0x1070 composition (git-fixes).
- net: usb: use eth_hw_addr_set() (git-fixes).
- nvme: consider also host_iface when checking ip options (bsc#1199670).
- octeontx2-af: fix infinite loop in unmapping NPC counter (git-fixes).
- octeontx2-af: fix memory leak of lmac and lmac->name (git-fixes).
- pinctrl: sunxi: a83t: Fix NAND function name for some pins (git-fixes).
- pinctrl: sunxi: sunxi_pconf_set: use correct offset (git-fixes).
- platform/olpc: Fix uninitialized data in debugfs write (git-fixes).
- platform/x86: hp-wmi: Ignore Sanitization Mode event (git-fixes).
- power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe (git-fixes).
- powerpc/mobility: wait for memory transfer to complete (bsc#1201846 ltc#198761).
- powerpc/pseries/mobility: set NMI watchdog factor during an LPM (bsc#1201846 ltc#198761).
- powerpc/watchdog: introduce a NMI watchdog's factor (bsc#1201846 ltc#198761).
- profiling: fix shift-out-of-bounds bugs (git fixes).
- r8169: fix accessing unset transport header (git-fixes).
- random: document add_hwgenerator_randomness() with other input functions (git-fixes).
- random: fix typo in comments (git-fixes).
- random: remove useless header comment (git fixes).
- raw: Fix a data-race around sysctl_raw_l3mdev_accept (git-fixes).
- regulator: of: Fix refcount leak bug in of_get_regulation_constraints() (git-fixes).
- sched/debug: Remove mpol_get/put and task_lock/unlock from (git-fixes)
- sched/fair: Revise comment about lb decision matrix (git fixes (sched/fair)).
- sched/membarrier: fix missing local execution of ipi_sync_rq_state() (git fixes (sched/membarrier)).
- scsi: core: Fix error handling of scsi_host_alloc() (git-fixes).
- scsi: core: Fix failure handling of scsi_add_host_with_dma() (git-fixes).
- scsi: core: Only put parent device if host state differs from SHOST_CREATED (git-fixes).
- scsi: core: Put .shost_dev in failure path if host state changes to RUNNING (git-fixes).
- scsi: core: Put LLD module refcnt after SCSI device is released (git-fixes).
- scsi: core: Retry I/O for Notify (Enable Spinup) Required error (git-fixes).
- scsi: lpfc: Copyright updates for 14.2.0.5 patches (bsc#1201956).
- scsi: lpfc: Fix attempted FA-PWWN usage after feature disable (bsc#1201956).
- scsi: lpfc: Fix lost NVMe paths during LIF bounce stress test (bsc#1201956 bsc#1200521).
- scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE (bsc#1201956).
- scsi: lpfc: Fix uninitialized cqe field in lpfc_nvme_cancel_iocb() (bsc#1201956).
- scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input (bsc#1201956).
- scsi: lpfc: Refactor lpfc_nvmet_prep_abort_wqe() into lpfc_sli_prep_abort_xri() (bsc#1201956).
- scsi: lpfc: Remove Menlo/Hornet related code (bsc#1201956).
- scsi: lpfc: Remove extra atomic_inc on cmd_pending in queuecommand after VMID (bsc#1201956).
- scsi: lpfc: Revert RSCN_MEMENTO workaround for misbehaved configuration (bsc#1201956).
- scsi: lpfc: Set PU field when providing D_ID in XMIT_ELS_RSP64_CX iocb (bsc#1201956).
- scsi: lpfc: Update lpfc version to 14.2.0.5 (bsc#1201956).
- scsi: qla2xxx: Check correct variable in qla24xx_async_gffid() (bsc#1201958).
- scsi: qla2xxx: Fix discovery issues in FC-AL topology (bsc#1201958).
- scsi: qla2xxx: Fix imbalance vha->vref_count (bsc#1201958).
- scsi: qla2xxx: Fix incorrect display of max frame size (bsc#1201958).
- scsi: qla2xxx: Fix response queue handler reading stale packets (bsc#1201958).
- scsi: qla2xxx: Fix sparse warning for dport_data (bsc#1201958).
- scsi: qla2xxx: Update manufacturer details (bsc#1201958).
- scsi: qla2xxx: Update version to 10.02.07.800-k (bsc#1201958).
- scsi: qla2xxx: Zero undefined mailbox IN registers (bsc#1201958).
- scsi: qla2xxx: edif: Fix dropped IKE message (bsc#1201958).
- scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() (git-fixes).
- scsi: sd: Fix potential NULL pointer dereference (git-fixes).
- scsi: ufs: Release clock if DMA map fails (git-fixes).
- scsi: ufs: handle cleanup correctly on devm_reset_control_get error (git-fixes).
- serial: 8250: fix return error code in serial8250_request_std_resource() (git-fixes).
- serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle (git-fixes).
- serial: stm32: Clear prev values before setting RTS delays (git-fixes).
- soc: fsl: guts: machine variable might be unset (git-fixes).
- soc: ixp4xx/npe: Fix unused match warning (git-fixes).
- soundwire: bus_type: fix remove and shutdown support (git-fixes).
- spi: <linux/spi/spi.h>: add missing struct kernel-doc entry (git-fixes).
- spi: amd: Limit max transfer and message size (git-fixes).
- staging: rtl8192u: Fix sleep in atomic context bug in dm_fsync_timer_callback (git-fixes).
- sysctl: Fix data races in proc_dointvec() (git-fixes).
- sysctl: Fix data races in proc_dointvec_jiffies() (git-fixes).
- sysctl: Fix data races in proc_dointvec_minmax() (git-fixes).
- sysctl: Fix data races in proc_douintvec() (git-fixes).
- sysctl: Fix data races in proc_douintvec_minmax() (git-fixes).
- sysctl: Fix data-races in proc_dointvec_ms_jiffies() (git-fixes).
- thermal/tools/tmon: Include pthread and time headers in tmon.h (git-fixes).
- tick/nohz: Use WARN_ON_ONCE() to prevent console saturation (git fixes (kernel/time)).
- usb: dwc3: add cancelled reasons for dwc3 requests (git-fixes).
- usb: dwc3: gadget: Fix event pending check (git-fixes).
- usb: gadget: udc: amd5536 depends on HAS_DMA (git-fixes).
- usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe (git-fixes).
- usb: host: xhci: use snprintf() in xhci_decode_trb() (git-fixes).
- usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe (git-fixes).
- usb: typec: add missing uevent when partner support PD (git-fixes).
- usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion (git-fixes).
- usb: xhci: tegra: Fix error check (git-fixes).
- usbnet: fix memory leak in error case (git-fixes).
- video: of_display_timing.h: include errno.h (git-fixes).
- virtio-gpu: fix a missing check to avoid NULL dereference (git-fixes).
- virtio-net: fix the race between refill work and close (git-fixes).
- virtio_mmio: Add missing PM calls to freeze/restore (git-fixes).
- virtio_mmio: Restore guest page size on resume (git-fixes).
- watchdog: export lockup_detector_reconfigure (bsc#1201846 ltc#198761).
- wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd() (git-fixes).
- wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue (git-fixes).
- wifi: libertas: Fix possible refcount leak in if_usb_probe() (git-fixes).
- wifi: mac80211: fix queue selection for mesh/OCB interfaces (git-fixes).
- wifi: p54: Fix an error handling path in p54spi_probe() (git-fixes).
- wifi: p54: add missing parentheses in p54_flush() (git-fixes).
- wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c() (git-fixes).
- wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() (git-fixes).
- wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` (git-fixes).
- x86/bugs: Remove apostrophe typo (bsc#1178134).
- x86/entry: Remove skip_r11rcx (bsc#1201644).
- x86/kvmclock: Move this_cpu_pvti into kvmclock.h (git-fixes).
- x86/retbleed: Add fine grained Kconfig knobs (bsc#1178134).
- xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue (bsc#1201381).
- xen: detect uninitialized xenbus in xenbus_init (git-fixes).
- xen: do not continue xenstore initialization in case of errors (git-fixes).
Patchnames
SUSE-2022-2892,openSUSE-Leap-Micro-5.2-2022-2892
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2022-2639: Fixed integer underflow that could lead to out-of-bounds write in reserve_sfa_size() (bsc#1202154).\n- CVE-2020-36516: Fixed TCP session data injection vulnerability via the mixed IPID assignment method (bnc#1196616).\n- CVE-2022-36946: Fixed an incorrect packet trucation operation which could lead to denial of service (bnc#1201940).\n- CVE-2022-29581: Fixed improper update of Reference Count in net/sched that could cause root privilege escalation (bnc#1199665).\n- CVE-2022-20166: Fixed several possible memory safety issues due to unsafe operations (bsc#1200598).\n- CVE-2020-36558: Fixed a race condition involving VT_RESIZEX which could lead to a NULL pointer dereference and general protection fault (bnc#1200910).\n- CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl and closing/opening of TTYs could lead to a use-after-free (bnc#1201429).\n- CVE-2022-21505: Fixed kexec lockdown bypass with IMA policy (bsc#1201458).\n- CVE-2021-33656: Fixed memory out of bounds write related to ioctl cmd PIO_FONT (bnc#1201636).\n- CVE-2021-33655: Fixed out of bounds write with ioctl FBIOPUT_VSCREENINFO (bnc#1201635).\n- CVE-2022-1462: Fixed an out-of-bounds read flaw in the TTY subsystem (bnc#1198829).\n- CVE-2022-1116: Fixed a integer overflow vulnerability in io_uring which allowed a local attacker to cause memory corruption and escalate privileges to root (bnc#1199647).\n- CVE-2022-2318: Fixed a use-after-free vulnerability in the timer handler in Rose subsystem that allowed unprivileged attackers to crash the system (bsc#1201251).\n- CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed multiple potential data leaks with Block and Network devices when using untrusted backends (bsc#1200762).\n\nThe following non-security bugs were fixed:\n\n- Fix bsc#1201644, bsc#1201664, bsc#1201672, bsc#1201673, bsc#1201676 All are reports of the same problem - the IBRS_* regs push/popping was wrong but it needs 1b331eeea7b8 ('x86/entry: Remove skip_r11rcx') too.\n- ACPI: APEI: Better fix to avoid spamming the console with old error logs (git-fixes).\n- ACPI: CPPC: Do not prevent CPPC from working in the future (git-fixes).\n- ACPI: video: Shortening quirk list by identifying Clevo by board_name only (git-fixes).\n- ALSA: hda - Add fixup for Dell Latitidue E5430 (git-fixes).\n- ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model (git-fixes).\n- ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop (git-fixes).\n- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221 (git-fixes).\n- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes).\n- ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array (git-fixes).\n- ASoC: Intel: Skylake: Correct the ssp rate discovery in skl_get_ssp_clks() (git-fixes).\n- ASoC: Remove unused hw_write_t type (git-fixes).\n- ASoC: cs47l15: Fix event generation for low power mux control (git-fixes).\n- ASoC: madera: Fix event generation for OUT1 demux (git-fixes).\n- ASoC: madera: Fix event generation for rate controls (git-fixes).\n- ASoC: ops: Fix off by one in range control validation (git-fixes).\n- ASoC: sgtl5000: Fix noise on shutdown/remove (git-fixes).\n- ASoC: wm5110: Fix DRE control (git-fixes).\n- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put (git-fixes).\n- Bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).\n- Fixed a regression where smart batteries would not be detected on Mac (bsc#1201206).\n- Fixed an issue where qla2xxx would prevent nvme port discovery (bsc#1200651 bsc#1200644 bsc#1201954 bsc#1201958).\n- FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR (git-fixes).\n- FDDI: defxx: Make MMIO the configuration default except for EISA (git-fixes).\n- Fix 1201644, 1201664, 1201672, 1201673, 1201676 All are reports of the same problem - the IBRS_* regs push/popping was wrong but it needs 1b331eeea7b8 ('x86/entry: Remove skip_r11rcx') too.\n- HID: cp2112: prevent a buffer overflow in cp2112_xfer() (git-fixes).\n- KVM: VMX: Add non-canonical check on writes to RTIT address MSRs (git-fixes).\n- KVM: VMX: Do not freeze guest when event delivery causes an APIC-access exit (git-fixes).\n- KVM: apic: avoid calculating pending eoi from an uninitialized val (git-fixes).\n- KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and CPTR_EL2 (bsc#1201442)\n- KVM: arm64: Fix definition of PAGE_HYP_DEVICE (git-fixes)\n- KVM: emulate: do not adjust size of fastop and setcc subroutines (bsc#1201930).\n- KVM: nVMX: avoid NULL pointer dereference with incorrect EVMCS GPAs (git-fixes).\n- KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1 (git-fixes).\n- KVM: x86: Do not let userspace set host-reserved cr4 bits (git-fixes).\n- KVM: x86: Fix split-irqchip vs interrupt injection window request (git-fixes).\n- KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks (git-fixes).\n- KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint (git-fixes).\n- NFC: nxp-nci: do not print header length mismatch on i2c error (git-fixes).\n- PCI/portdrv: Do not disable AER reporting in get_port_device_capability() (git-fixes).\n- PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git-fixes).\n- PCI: dwc: Always enable CDM check if 'snps,enable-cdm-check' exists (git-fixes).\n- PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors (git-fixes).\n- PCI: dwc: Disable outbound windows only for controllers using iATU (git-fixes).\n- PCI: dwc: Stop link on host_init errors and de-initialization (git-fixes).\n- PCI: qcom: Power on PHY before IPQ8074 DBI register accesses (git-fixes).\n- PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks (git-fixes).\n- PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep() (git-fixes).\n- PCI: tegra194: Fix Root Port interrupt handling (git-fixes).\n- PCI: tegra194: Fix link up retry sequence (git-fixes).\n- PM: runtime: Remove link state checks in rpm_get/put_supplier() (git-fixes).\n- USB: Follow-up to SPDX identifiers addition - remove now useless comments (git-fixes).\n- USB: serial: fix tty-port initialized comments (git-fixes).\n- USB: serial: ftdi_sio: add Belimo device ids (git-fixes).\n- arm64 module: set plt* section addresses to 0x0 (git-fixes)\n- arm64: asm: Add new-style position independent function annotations (git-fixes)\n- arm64: compat: Ensure upper 32 bits of x0 are zero on syscall return (git-fixes)\n- arm64: dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function (git-fixes)\n- arm64: dts: marvell: espressobin: Add ethernet switch aliases (git-fixes)\n- arm64: dts: marvell: espressobin: add ethernet alias (git-fixes)\n- arm64: dts: mcbin: support 2W SFP modules (git-fixes)\n- arm64: fix compat syscall return truncation (git-fixes)\n- arm64: fix inline asm in load_unaligned_zeropad() (git-fixes)\n- arm64: mm: Do not invalidate FROM_DEVICE buffers at start of DMA (git-fixes)\n- arm64: module: remove (NOLOAD) from linker script (git-fixes)\n- arm64: module: rework special section handling (git-fixes)\n- arm64: perf: Report the PC value in REGS_ABI_32 mode (git-fixes)\n- arm64: ptrace: Consistently use pseudo-singlestep exceptions (git-fixes)\n- arm64: ptrace: Override SPSR.SS when single-stepping is enabled (git-fixes)\n- arm64: stackleak: fix current_top_of_stack() (git-fixes)\n- arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing (git-fixes)\n- arm64: vdso: Avoid ISB after reading from cntvct_el0 (git-fixes)\n- ath10k: Fix error handling in ath10k_setup_msa_resources (git-fixes).\n- ath10k: do not enforce interrupt trigger type (git-fixes).\n- ax88179_178a: add ethtool_op_get_ts_info() (git-fixes).\n- blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN (git-fixes).\n- blk-zoned: allow zone management send operations without CAP_SYS_ADMIN (git-fixes).\n- block/compat_ioctl: fix range check in BLKGETSIZE (git-fixes).\n- block: Fix fsync always failed if once failed (git-fixes).\n- block: Fix wrong offset in bio_truncate() (git-fixes).\n- block: bio-integrity: Advance seed correctly for larger interval sizes (git-fixes).\n- block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit (git-fixes).\n- bpf, cpumap: Remove rcpu pointer from cpu_map_build_skb signature (bsc#1199364).\n- bpf: enable BPF type format (BTF) (jsc#SLE-24559).\n- bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe() (git-fixes).\n- can: Break loopback loop on loopback documentation (git-fixes).\n- can: error: specify the values of data[5..7] of CAN error frames (git-fixes).\n- can: gs_usb: gs_usb_open/close(): fix memory leak (git-fixes).\n- can: hi311x: do not report txerr and rxerr during bus-off (git-fixes).\n- can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off (git-fixes).\n- can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off (git-fixes).\n- can: m_can: process interrupt only when not runtime suspended (git-fixes).\n- can: pch_can: do not report txerr and rxerr during bus-off (git-fixes).\n- can: pch_can: pch_can_error(): initialize errc before using it (git-fixes).\n- can: rcar_can: do not report txerr and rxerr during bus-off (git-fixes).\n- can: sja1000: do not report txerr and rxerr during bus-off (git-fixes).\n- can: sun4i_can: do not report txerr and rxerr during bus-off (git-fixes).\n- can: usb_8dev: do not report txerr and rxerr during bus-off (git-fixes).\n- clk: qcom: camcc-sdm845: Fix topology around titan_top power domain (git-fixes).\n- clk: qcom: clk-krait: unlock spin after mux completion (git-fixes).\n- clk: qcom: ipq8074: SW workaround for UBI32 PLL lock (git-fixes).\n- clk: qcom: ipq8074: fix NSS core PLL-s (git-fixes).\n- clk: qcom: ipq8074: fix NSS port frequency tables (git-fixes).\n- clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks (git-fixes).\n- clk: renesas: r9a06g032: Fix UART clkgrp bitsel (git-fixes).\n- cpuidle: PSCI: Move the `has_lpi` check to the beginning of the (git-fixes)\n- crypto: qat - disable registration of algorithms (git-fixes).\n- crypto: qat - fix memory leak in RSA (git-fixes).\n- crypto: qat - remove dma_free_coherent() for DH (git-fixes).\n- crypto: qat - remove dma_free_coherent() for RSA (git-fixes).\n- crypto: qat - set to zero DH parameters before free (git-fixes).\n- cxgb4: Fix the -Wmisleading-indentation warning (git-fixes).\n- dm btree remove: assign new_root only when removal succeeds (git-fixes).\n- dm btree remove: fix use after free in rebalance_children() (git-fixes).\n- dm bufio: subtract the number of initial sectors in dm_bufio_get_device_size (git-fixes).\n- dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() (git-fixes).\n- dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS (git-fixes).\n- dm crypt: make printing of the key constant-time (git-fixes).\n- dm integrity: conditionally disable 'recalculate' feature (git-fixes).\n- dm integrity: fix a crash if 'recalculate' used without 'internal_hash' (git-fixes).\n- dm integrity: fix error code in dm_integrity_ctr() (git-fixes).\n- dm integrity: fix memory corruption when tag_size is less than digest size (git-fixes).\n- dm integrity: fix the maximum number of arguments (git-fixes).\n- dm mirror log: round up region bitmap size to BITS_PER_LONG (git-fixes).\n- dm persistent data: packed struct should have an aligned() attribute too (git-fixes).\n- dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload sequences (git-fixes).\n- dm snapshot: fix crash with transient storage and zero chunk size (git-fixes).\n- dm snapshot: flush merged data before committing metadata (git-fixes).\n- dm snapshot: properly fix a crash when an origin has no snapshots (git-fixes).\n- dm space map common: fix division bug in sm_ll_find_free_block() (git-fixes).\n- dm stats: add cond_resched when looping over entries (git-fixes).\n- dm verity: fix FEC for RS roots unaligned to block size (git-fixes).\n- dm: fix mempool NULL pointer race when completing IO (git-fixes).\n- dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly (git-fixes).\n- dmaengine: imx-sdma: Allow imx8m for imx7 FW revs (git-fixes).\n- dmaengine: pl330: Fix lockdep warning about non-static key (git-fixes).\n- dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate (git-fixes).\n- dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate (git-fixes).\n- do not call utsname() after ->nsproxy is NULL (bsc#1201196).\n- drbd: fix potential silent data corruption (git-fixes).\n- driver core: fix potential deadlock in __driver_attach (git-fixes).\n- drivers/net: Fix kABI in tun.c (git-fixes).\n- drivers: net: fix memory leak in atusb_probe (git-fixes).\n- drivers: net: fix memory leak in peak_usb_create_dev (git-fixes).\n- drm/amd/display: Enable building new display engine with KCOV enabled (git-fixes).\n- drm/bridge: tc358767: Make sure Refclk clock are enabled (git-fixes).\n- drm/doc: Fix comment typo (git-fixes).\n- drm/exynos/exynos7_drm_decon: free resources when clk_set_parent() failed (git-fixes).\n- drm/i915/gt: Serialize TLB invalidates with GT resets (git-fixes).\n- drm/i915/selftests: fix a couple IS_ERR() vs NULL tests (git-fixes).\n- drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() (git-fixes).\n- drm/mcde: Fix refcount leak in mcde_dsi_bind (git-fixes).\n- drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function (git-fixes).\n- drm/mediatek: dpi: Only enable dpi after the bridge is enabled (git-fixes).\n- drm/mediatek: dpi: Remove output format of YUV (git-fixes).\n- drm/mipi-dbi: align max_chunk to 2 in spi_transfer (git-fixes).\n- drm/msm/hdmi: enable core-vcc/core-vdda-supply for 8996 platform (git-fixes).\n- drm/msm/mdp5: Fix global state lock backoff (git-fixes).\n- drm/nouveau: fix another off-by-one in nvbios_addr (git-fixes).\n- drm/panfrost: Fix shrinker list corruption by madvise IOCTL (git-fixes).\n- drm/panfrost: Put mapping instead of shmem obj on panfrost_mmu_map_fault_addr() error (git-fixes).\n- drm/radeon: fix incorrrect SPDX-License-Identifiers (git-fixes).\n- drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() (git-fixes).\n- drm/rockchip: Fix an error handling path rockchip_dp_probe() (git-fixes).\n- drm/rockchip: vop: Do not crash for invalid duplicate_state() (git-fixes).\n- drm/st7735r: Fix module autoloading for Okaya RH128128T (git-fixes).\n- drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable iteration (git-fixes).\n- drm/vc4: dsi: Correct DSI divider calculations (git-fixes).\n- drm/vc4: dsi: Correct pixel order for DSI0 (git-fixes).\n- drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes (git-fixes).\n- drm/vc4: hdmi: Fix timings for interlaced modes (git-fixes).\n- drm/vc4: plane: Fix margin calculations for the right/bottom edges (git-fixes).\n- drm/vc4: plane: Remove subpixel positioning check (git-fixes).\n- drm: adv7511: override i2c address of cec before accessing it (git-fixes).\n- drm: bridge: adv7511: Add check for mipi_dsi_driver_register (git-fixes).\n- drm: bridge: sii8620: fix possible off-by-one (git-fixes).\n- fbcon: Disallow setting font bigger than screen size (git-fixes).\n- fbcon: Prevent that screen size is smaller than font size (git-fixes).\n- fbdev: fbmem: Fix logo center image dx issue (git-fixes).\n- fbmem: Check virtual screen sizes in fb_set_var() (git-fixes).\n- fpga: altera-pr-ip: fix unsigned comparison with less than zero (git-fixes).\n- ftgmac100: Restart MAC HW once (git-fixes).\n- gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data() (git-fixes).\n- gpio: pca953x: only use single read/write for No AI mode (git-fixes).\n- gpio: pca953x: use the correct range when do regmap sync (git-fixes).\n- gpio: pca953x: use the correct register address when regcache sync during init (git-fixes).\n- hex2bin: make the function hex_to_bin constant-time (git-fixes).\n- hv_netvsc: Add (more) validation for untrusted Hyper-V values (bsc#1199364).\n- hv_netvsc: Add comment of netvsc_xdp_xmit() (bsc#1199364).\n- hv_netvsc: Add support for XDP_REDIRECT (bsc#1199364).\n- hv_netvsc: Copy packets sent by Hyper-V out of the receive buffer (bsc#1199364).\n- hv_netvsc: Fix validation in netvsc_linkstatus_callback() (bsc#1199364).\n- i2c: Fix a potential use after free (git-fixes).\n- i2c: cadence: Change large transfer count reset logic to be unconditional (git-fixes).\n- i2c: cadence: Support PEC for SMBus block read (git-fixes).\n- i2c: cadence: Unregister the clk notifier in error path (git-fixes).\n- i2c: mux-gpmux: Add of_node_put() when breaking out of loop (git-fixes).\n- ida: do not use BUG_ON() for debugging (git-fixes).\n- igb: Enable RSS for Intel I211 Ethernet Controller (git-fixes).\n- iio: accel: bma220: Fix alignment for DMA safety (git-fixes).\n- iio: accel: sca3000: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ad7266: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ad7298: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ad7476: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ad7766: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ad7768-1: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ad7887: Fix alignment for DMA safety (git-fixes).\n- iio: adc: hi8435: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ltc2497: Fix alignment for DMA safety (git-fixes).\n- iio: adc: max1027: Fix alignment for DMA safety (git-fixes).\n- iio: adc: max11100: Fix alignment for DMA safety (git-fixes).\n- iio: adc: max1118: Fix alignment for DMA safety (git-fixes).\n- iio: adc: mcp320x: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ti-adc0832: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ti-adc084s021: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ti-adc12138: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ti-adc128s052: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ti-adc161s626: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ti-ads124s08: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ti-ads7950: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ti-ads8344: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ti-ads8688: Fix alignment for DMA safety (git-fixes).\n- iio: adc: ti-tlc4541: Fix alignment for DMA safety (git-fixes).\n- iio: amplifiers: ad8366: Fix alignment for DMA safety (git-fixes).\n- iio: core: Fix IIO_ALIGN and rename as it was not sufficiently large (git-fixes).\n- iio: dac: ad5064: Fix alignment for DMA safety (git-fixes).\n- iio: dac: ad5360: Fix alignment for DMA safety (git-fixes).\n- iio: dac: ad5421: Fix alignment for DMA safety (git-fixes).\n- iio: dac: ad5449: Fix alignment for DMA safety (git-fixes).\n- iio: dac: ad5504: Fix alignment for DMA safety (git-fixes).\n- iio: dac: ad5755: Fix alignment for DMA safety (git-fixes).\n- iio: dac: ad5761: Fix alignment for DMA safety (git-fixes).\n- iio: dac: ad5764: Fix alignment for DMA safety (git-fixes).\n- iio: dac: ad5791: Fix alignment for DMA saftey (git-fixes).\n- iio: dac: ad7303: Fix alignment for DMA safety (git-fixes).\n- iio: dac: ad8801: Fix alignment for DMA safety (git-fixes).\n- iio: dac: mcp4922: Fix alignment for DMA safety (git-fixes).\n- iio: dac: ti-dac082s085: Fix alignment for DMA safety (git-fixes).\n- iio: dac: ti-dac5571: Fix alignment for DMA safety (git-fixes).\n- iio: dac: ti-dac7311: Fix alignment for DMA safety (git-fixes).\n- iio: dac: ti-dac7612: Fix alignment for DMA safety (git-fixes).\n- iio: frequency: ad9523: Fix alignment for DMA safety (git-fixes).\n- iio: frequency: adf4350: Fix alignment for DMA safety (git-fixes).\n- iio: frequency: adf4371: Fix alignment for DMA safety (git-fixes).\n- iio: gyro: adis16080: Fix alignment for DMA safety (git-fixes).\n- iio: gyro: adis16130: Fix alignment for DMA safety (git-fixes).\n- iio: gyro: adxrs450: Fix alignment for DMA safety (git-fixes).\n- iio: gyro: fxas210002c: Fix alignment for DMA safety (git-fixes).\n- iio: light: isl29028: Fix the warning in isl29028_remove() (git-fixes).\n- iio: potentiometer: ad5272: Fix alignment for DMA safety (git-fixes).\n- iio: potentiometer: max5481: Fix alignment for DMA safety (git-fixes).\n- iio: potentiometer: mcp41010: Fix alignment for DMA safety (git-fixes).\n- iio: potentiometer: mcp4131: Fix alignment for DMA safety (git-fixes).\n- iio: proximity: as3935: Fix alignment for DMA safety (git-fixes).\n- iio: resolver: ad2s1200: Fix alignment for DMA safety (git-fixes).\n- iio: resolver: ad2s90: Fix alignment for DMA safety (git-fixes).\n- ima: Fix a potential integer overflow in ima_appraise_measurement (git-fixes).\n- ima: Fix potential memory leak in ima_init_crypto() (git-fixes).\n- intel_th: Fix a resource leak in an error handling path (git-fixes).\n- intel_th: msu-sink: Potential dereference of null pointer (git-fixes).\n- intel_th: msu: Fix vmalloced buffers (git-fixes).\n- kABI workaround for rtsx_usb (git-fixes).\n- kvm/emulate: Fix SETcc emulation function offsets with SLS (bsc#1201930).\n- lib/string.c: implement stpcpy (git-fixes).\n- linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check (git-fixes).\n- linux/random.h: Remove arch_has_random, arch_has_random_seed (git-fixes).\n- linux/random.h: Use false with bool (git-fixes).\n- lkdtm: Disable return thunks in rodata.c (bsc#1178134).\n- macvlan: remove redundant null check on data (git-fixes).\n- md/bitmap: wait for external bitmap writes to complete during tear down (git-fixes).\n- md/raid0: Ignore RAID0 layout if the second zone has only one device (git-fixes).\n- md: Set prev_flush_start and flush_bio in an atomic way (git-fixes).\n- md: bcache: check the return value of kzalloc() in detached_dev_do_request() (git-fixes).\n- media: hdpvr: fix error value returns in hdpvr_read (git-fixes).\n- media: rc: increase rc-mm tolerance and add debug message (git-fixes).\n- media: rtl28xxu: Add support for PROlectrix DV107669 DVB-T dongle (git-fixes).\n- media: rtl28xxu: add missing sleep before probing slave demod (git-fixes).\n- media: rtl28xxu: set keymap for Astrometa DVB-T2 (git-fixes).\n- media: smipcie: fix interrupt handling and IR timeout (git-fixes).\n- media: tw686x: Register the irq at the end of probe (git-fixes).\n- media: usb: dvb-usb-v2: rtl28xxu: convert to use i2c_new_client_device() (git-fixes).\n- media: v4l2-mem2mem: always consider OUTPUT queue during poll (git-fixes).\n- media: v4l2-mem2mem: reorder checks in v4l2_m2m_poll() (git-fixes).\n- mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init() (git-fixes).\n- memregion: Fix memregion_free() fallback definition (git-fixes).\n- memstick/ms_block: Fix a memory leak (git-fixes).\n- memstick/ms_block: Fix some incorrect memory allocation (git-fixes).\n- meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init (git-fixes).\n- misc: rtsx: Fix an error handling path in rtsx_pci_probe() (git-fixes).\n- misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer (git-fixes).\n- misc: rtsx_usb: set return value in rsp_buf alloc err path (git-fixes).\n- misc: rtsx_usb: use separate command and response buffers (git-fixes).\n- mm: fix page reference leak in soft_offline_page() (git fixes (mm/memory-failure)).\n- mmc: cavium-octeon: Add of_node_put() when breaking out of loop (git-fixes).\n- mmc: cavium-thunderx: Add of_node_put() when breaking out of loop (git-fixes).\n- mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R (git-fixes).\n- mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch (git-fixes).\n- mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle (git-fixes).\n- mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg (git-fixes).\n- net, xdp: Introduce __xdp_build_skb_from_frame utility routine (bsc#1199364).\n- net, xdp: Introduce xdp_build_skb_from_frame utility routine (bsc#1199364).\n- net/mlx5e: When changing XDP program without reset, take refs for XSK RQs (git-fixes).\n- net/sonic: Fix a resource leak in an error handling path in 'jazz_sonic_probe()' (git-fixes).\n- net/sonic: Fix some resource leaks in error handling paths (git-fixes).\n- net: ag71xx: remove unnecessary MTU reservation (git-fixes).\n- net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes).\n- net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning (git-fixes).\n- net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP (git-fixes).\n- net: amd-xgbe: Reset link when the link never comes back (git-fixes).\n- net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout (git-fixes).\n- net: axienet: Handle deferred probe on clock properly (git-fixes).\n- net: dsa: b53: fix an off by one in checking 'vlan->vid' (git-fixes).\n- net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port (git-fixes).\n- net: dsa: bcm_sf2: put device node before return (git-fixes).\n- net: dsa: lantiq_gswip: Exclude RMII from modes that report 1 GbE (git-fixes).\n- net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock (git-fixes).\n- net: enetc: fix incorrect TPID when receiving 802.1ad tagged packets (git-fixes).\n- net: enetc: keep RX ring consumer index in sync with hardware (git-fixes).\n- net: evaluate net.ipv4.conf.all.proxy_arp_pvlan (git-fixes).\n- net: evaluate net.ipvX.conf.all.ignore_routes_with_linkdown (git-fixes).\n- net: ftgmac100: Fix crash when removing driver (git-fixes).\n- net: hdlc_x25: Return meaningful error code in x25_open (git-fixes).\n- net: hns3: fix error mask definition of flow director (git-fixes).\n- net: hso: bail out on interrupt URB allocation failure (git-fixes).\n- net: lapbether: Prevent racing when checking whether the netif is running (git-fixes).\n- net: lapbether: Remove netif_start_queue / netif_stop_queue (git-fixes).\n- net: ll_temac: Fix potential NULL dereference in temac_probe() (git-fixes).\n- net: ll_temac: Use devm_platform_ioremap_resource_byname() (git-fixes).\n- net: macb: add function to disable all macb clocks (git-fixes).\n- net: macb: restore cmp registers on resume path (git-fixes).\n- net: macb: unprepare clocks in case of failure (git-fixes).\n- net: mscc: Fix OF_MDIO config check (git-fixes).\n- net: mvneta: Remove per-cpu queue mapping for Armada 3700 (git-fixes).\n- net: mvpp2: fix interrupt mask/unmask skip condition (git-fixes).\n- net: rose: fix UAF bug caused by rose_t0timer_expiry (git-fixes).\n- net: stmmac: Modify configuration method of EEE timers (git-fixes).\n- net: stmmac: Use resolved link config in mac_link_up() (git-fixes).\n- net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes (git-fixes).\n- net: stmmac: dwmac1000: provide multicast filter fallback (git-fixes).\n- net: stmmac: fix CBS idleslope and sendslope calculation (git-fixes).\n- net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10 (git-fixes).\n- net: stmmac: fix watchdog timeout during suspend/resume stress test (git-fixes).\n- net: stmmac: stop each tx channel independently (git-fixes).\n- net: tun: set tun->dev->addr_len during TUNSETLINK processing (git-fixes).\n- net: usb: ax88179_178a: add Allied Telesis AT-UMCs (git-fixes).\n- net: usb: ax88179_178a: add MCT usb 3.0 adapter (git-fixes).\n- net: usb: ax88179_178a: add Toshiba usb 3.0 adapter (git-fixes).\n- net: usb: ax88179_178a: remove redundant assignment to variable ret (git-fixes).\n- net: usb: ax88179_178a: write mac to hardware in get_mac_addr (git-fixes).\n- net: usb: qmi_wwan: add Telit 0x1060 composition (git-fixes).\n- net: usb: qmi_wwan: add Telit 0x1070 composition (git-fixes).\n- net: usb: use eth_hw_addr_set() (git-fixes).\n- nvme: consider also host_iface when checking ip options (bsc#1199670).\n- octeontx2-af: fix infinite loop in unmapping NPC counter (git-fixes).\n- octeontx2-af: fix memory leak of lmac and lmac->name (git-fixes).\n- pinctrl: sunxi: a83t: Fix NAND function name for some pins (git-fixes).\n- pinctrl: sunxi: sunxi_pconf_set: use correct offset (git-fixes).\n- platform/olpc: Fix uninitialized data in debugfs write (git-fixes).\n- platform/x86: hp-wmi: Ignore Sanitization Mode event (git-fixes).\n- power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe (git-fixes).\n- powerpc/mobility: wait for memory transfer to complete (bsc#1201846 ltc#198761).\n- powerpc/pseries/mobility: set NMI watchdog factor during an LPM (bsc#1201846 ltc#198761).\n- powerpc/watchdog: introduce a NMI watchdog's factor (bsc#1201846 ltc#198761).\n- profiling: fix shift-out-of-bounds bugs (git fixes).\n- r8169: fix accessing unset transport header (git-fixes).\n- random: document add_hwgenerator_randomness() with other input functions (git-fixes).\n- random: fix typo in comments (git-fixes).\n- random: remove useless header comment (git fixes).\n- raw: Fix a data-race around sysctl_raw_l3mdev_accept (git-fixes).\n- regulator: of: Fix refcount leak bug in of_get_regulation_constraints() (git-fixes).\n- sched/debug: Remove mpol_get/put and task_lock/unlock from (git-fixes)\n- sched/fair: Revise comment about lb decision matrix (git fixes (sched/fair)).\n- sched/membarrier: fix missing local execution of ipi_sync_rq_state() (git fixes (sched/membarrier)).\n- scsi: core: Fix error handling of scsi_host_alloc() (git-fixes).\n- scsi: core: Fix failure handling of scsi_add_host_with_dma() (git-fixes).\n- scsi: core: Only put parent device if host state differs from SHOST_CREATED (git-fixes).\n- scsi: core: Put .shost_dev in failure path if host state changes to RUNNING (git-fixes).\n- scsi: core: Put LLD module refcnt after SCSI device is released (git-fixes).\n- scsi: core: Retry I/O for Notify (Enable Spinup) Required error (git-fixes).\n- scsi: lpfc: Copyright updates for 14.2.0.5 patches (bsc#1201956).\n- scsi: lpfc: Fix attempted FA-PWWN usage after feature disable (bsc#1201956).\n- scsi: lpfc: Fix lost NVMe paths during LIF bounce stress test (bsc#1201956 bsc#1200521).\n- scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE (bsc#1201956).\n- scsi: lpfc: Fix uninitialized cqe field in lpfc_nvme_cancel_iocb() (bsc#1201956).\n- scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input (bsc#1201956).\n- scsi: lpfc: Refactor lpfc_nvmet_prep_abort_wqe() into lpfc_sli_prep_abort_xri() (bsc#1201956).\n- scsi: lpfc: Remove Menlo/Hornet related code (bsc#1201956).\n- scsi: lpfc: Remove extra atomic_inc on cmd_pending in queuecommand after VMID (bsc#1201956).\n- scsi: lpfc: Revert RSCN_MEMENTO workaround for misbehaved configuration (bsc#1201956).\n- scsi: lpfc: Set PU field when providing D_ID in XMIT_ELS_RSP64_CX iocb (bsc#1201956).\n- scsi: lpfc: Update lpfc version to 14.2.0.5 (bsc#1201956).\n- scsi: qla2xxx: Check correct variable in qla24xx_async_gffid() (bsc#1201958).\n- scsi: qla2xxx: Fix discovery issues in FC-AL topology (bsc#1201958).\n- scsi: qla2xxx: Fix imbalance vha->vref_count (bsc#1201958).\n- scsi: qla2xxx: Fix incorrect display of max frame size (bsc#1201958).\n- scsi: qla2xxx: Fix response queue handler reading stale packets (bsc#1201958).\n- scsi: qla2xxx: Fix sparse warning for dport_data (bsc#1201958).\n- scsi: qla2xxx: Update manufacturer details (bsc#1201958).\n- scsi: qla2xxx: Update version to 10.02.07.800-k (bsc#1201958).\n- scsi: qla2xxx: Zero undefined mailbox IN registers (bsc#1201958).\n- scsi: qla2xxx: edif: Fix dropped IKE message (bsc#1201958).\n- scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() (git-fixes).\n- scsi: sd: Fix potential NULL pointer dereference (git-fixes).\n- scsi: ufs: Release clock if DMA map fails (git-fixes).\n- scsi: ufs: handle cleanup correctly on devm_reset_control_get error (git-fixes).\n- serial: 8250: fix return error code in serial8250_request_std_resource() (git-fixes).\n- serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle (git-fixes).\n- serial: stm32: Clear prev values before setting RTS delays (git-fixes).\n- soc: fsl: guts: machine variable might be unset (git-fixes).\n- soc: ixp4xx/npe: Fix unused match warning (git-fixes).\n- soundwire: bus_type: fix remove and shutdown support (git-fixes).\n- spi: <linux/spi/spi.h>: add missing struct kernel-doc entry (git-fixes).\n- spi: amd: Limit max transfer and message size (git-fixes).\n- staging: rtl8192u: Fix sleep in atomic context bug in dm_fsync_timer_callback (git-fixes).\n- sysctl: Fix data races in proc_dointvec() (git-fixes).\n- sysctl: Fix data races in proc_dointvec_jiffies() (git-fixes).\n- sysctl: Fix data races in proc_dointvec_minmax() (git-fixes).\n- sysctl: Fix data races in proc_douintvec() (git-fixes).\n- sysctl: Fix data races in proc_douintvec_minmax() (git-fixes).\n- sysctl: Fix data-races in proc_dointvec_ms_jiffies() (git-fixes).\n- thermal/tools/tmon: Include pthread and time headers in tmon.h (git-fixes).\n- tick/nohz: Use WARN_ON_ONCE() to prevent console saturation (git fixes (kernel/time)).\n- usb: dwc3: add cancelled reasons for dwc3 requests (git-fixes).\n- usb: dwc3: gadget: Fix event pending check (git-fixes).\n- usb: gadget: udc: amd5536 depends on HAS_DMA (git-fixes).\n- usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe (git-fixes).\n- usb: host: xhci: use snprintf() in xhci_decode_trb() (git-fixes).\n- usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe (git-fixes).\n- usb: typec: add missing uevent when partner support PD (git-fixes).\n- usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion (git-fixes).\n- usb: xhci: tegra: Fix error check (git-fixes).\n- usbnet: fix memory leak in error case (git-fixes).\n- video: of_display_timing.h: include errno.h (git-fixes).\n- virtio-gpu: fix a missing check to avoid NULL dereference (git-fixes).\n- virtio-net: fix the race between refill work and close (git-fixes).\n- virtio_mmio: Add missing PM calls to freeze/restore (git-fixes).\n- virtio_mmio: Restore guest page size on resume (git-fixes).\n- watchdog: export lockup_detector_reconfigure (bsc#1201846 ltc#198761).\n- wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd() (git-fixes).\n- wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue (git-fixes).\n- wifi: libertas: Fix possible refcount leak in if_usb_probe() (git-fixes).\n- wifi: mac80211: fix queue selection for mesh/OCB interfaces (git-fixes).\n- wifi: p54: Fix an error handling path in p54spi_probe() (git-fixes).\n- wifi: p54: add missing parentheses in p54_flush() (git-fixes).\n- wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c() (git-fixes).\n- wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() (git-fixes).\n- wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` (git-fixes).\n- x86/bugs: Remove apostrophe typo (bsc#1178134).\n- x86/entry: Remove skip_r11rcx (bsc#1201644).\n- x86/kvmclock: Move this_cpu_pvti into kvmclock.h (git-fixes).\n- x86/retbleed: Add fine grained Kconfig knobs (bsc#1178134).\n- xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue (bsc#1201381).\n- xen: detect uninitialized xenbus in xenbus_init (git-fixes).\n- xen: do not continue xenstore initialization in case of errors (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2022-2892,openSUSE-Leap-Micro-5.2-2022-2892", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2892-2.json", }, { category: "self", summary: "URL for SUSE-SU-2022:2892-2", url: "https://www.suse.com/support/update/announcement/2022/suse-su-20222892-2/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:2892-2", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012040.html", }, { category: "self", summary: "SUSE Bug 1178134", url: "https://bugzilla.suse.com/1178134", }, { category: "self", summary: "SUSE Bug 1196616", url: "https://bugzilla.suse.com/1196616", }, { category: "self", summary: "SUSE Bug 1196867", url: "https://bugzilla.suse.com/1196867", }, { category: "self", summary: "SUSE Bug 1198829", url: "https://bugzilla.suse.com/1198829", }, { category: "self", summary: "SUSE Bug 1199364", url: "https://bugzilla.suse.com/1199364", }, { category: "self", summary: "SUSE Bug 1199647", url: "https://bugzilla.suse.com/1199647", }, { category: "self", summary: "SUSE Bug 1199648", url: "https://bugzilla.suse.com/1199648", }, { category: "self", summary: "SUSE Bug 1199665", url: "https://bugzilla.suse.com/1199665", }, { category: "self", summary: "SUSE Bug 1199670", url: "https://bugzilla.suse.com/1199670", }, { category: "self", summary: "SUSE Bug 1199695", url: "https://bugzilla.suse.com/1199695", }, { category: "self", summary: "SUSE Bug 1200521", url: "https://bugzilla.suse.com/1200521", }, { category: "self", summary: "SUSE Bug 1200598", url: "https://bugzilla.suse.com/1200598", }, { category: "self", summary: "SUSE Bug 1200644", url: "https://bugzilla.suse.com/1200644", }, { category: "self", summary: "SUSE Bug 1200651", url: "https://bugzilla.suse.com/1200651", }, { category: "self", summary: "SUSE Bug 1200762", url: "https://bugzilla.suse.com/1200762", }, { category: "self", summary: "SUSE Bug 1200910", url: "https://bugzilla.suse.com/1200910", }, { category: "self", summary: "SUSE Bug 1201196", url: "https://bugzilla.suse.com/1201196", }, { category: "self", summary: "SUSE Bug 1201206", url: "https://bugzilla.suse.com/1201206", }, { category: "self", summary: "SUSE Bug 1201251", url: "https://bugzilla.suse.com/1201251", }, { category: "self", summary: "SUSE Bug 1201381", url: "https://bugzilla.suse.com/1201381", }, { category: "self", summary: "SUSE Bug 1201429", url: "https://bugzilla.suse.com/1201429", }, { category: "self", summary: "SUSE Bug 1201442", url: "https://bugzilla.suse.com/1201442", }, { category: "self", summary: "SUSE Bug 1201458", url: "https://bugzilla.suse.com/1201458", }, { category: "self", summary: "SUSE Bug 1201635", url: "https://bugzilla.suse.com/1201635", }, { category: "self", summary: "SUSE Bug 1201636", url: "https://bugzilla.suse.com/1201636", }, { category: "self", summary: "SUSE Bug 1201644", url: "https://bugzilla.suse.com/1201644", }, { category: "self", summary: "SUSE Bug 1201645", url: "https://bugzilla.suse.com/1201645", }, { category: "self", summary: "SUSE Bug 1201664", url: "https://bugzilla.suse.com/1201664", }, { category: "self", summary: "SUSE Bug 1201672", url: "https://bugzilla.suse.com/1201672", }, { category: "self", summary: "SUSE Bug 1201673", url: "https://bugzilla.suse.com/1201673", }, { category: "self", summary: "SUSE Bug 1201676", url: "https://bugzilla.suse.com/1201676", }, { category: "self", summary: "SUSE Bug 1201742", url: "https://bugzilla.suse.com/1201742", }, { category: "self", summary: "SUSE Bug 1201752", url: "https://bugzilla.suse.com/1201752", }, { category: "self", summary: "SUSE Bug 1201846", url: "https://bugzilla.suse.com/1201846", }, { category: "self", summary: "SUSE Bug 1201930", url: "https://bugzilla.suse.com/1201930", }, { category: "self", summary: "SUSE Bug 1201940", url: "https://bugzilla.suse.com/1201940", }, { category: "self", summary: "SUSE Bug 1201941", url: "https://bugzilla.suse.com/1201941", }, { category: "self", summary: "SUSE Bug 1201954", url: "https://bugzilla.suse.com/1201954", }, { category: "self", summary: "SUSE Bug 1201956", url: "https://bugzilla.suse.com/1201956", }, { category: "self", summary: "SUSE Bug 1201958", url: "https://bugzilla.suse.com/1201958", }, { category: "self", summary: "SUSE Bug 1202087", url: "https://bugzilla.suse.com/1202087", }, { category: "self", summary: "SUSE Bug 1202154", url: "https://bugzilla.suse.com/1202154", }, { category: "self", summary: "SUSE Bug 1202312", url: "https://bugzilla.suse.com/1202312", }, { category: "self", summary: "SUSE CVE CVE-2020-36516 page", url: "https://www.suse.com/security/cve/CVE-2020-36516/", }, { category: "self", summary: "SUSE CVE CVE-2020-36557 page", url: "https://www.suse.com/security/cve/CVE-2020-36557/", }, { category: "self", summary: "SUSE CVE CVE-2020-36558 page", url: "https://www.suse.com/security/cve/CVE-2020-36558/", }, { category: "self", summary: "SUSE CVE CVE-2021-33655 page", url: "https://www.suse.com/security/cve/CVE-2021-33655/", }, { category: "self", summary: "SUSE CVE CVE-2021-33656 page", url: "https://www.suse.com/security/cve/CVE-2021-33656/", }, { category: "self", summary: "SUSE CVE CVE-2022-1116 page", url: "https://www.suse.com/security/cve/CVE-2022-1116/", }, { category: "self", summary: "SUSE CVE CVE-2022-1462 page", url: "https://www.suse.com/security/cve/CVE-2022-1462/", }, { category: "self", summary: "SUSE CVE CVE-2022-20166 page", url: "https://www.suse.com/security/cve/CVE-2022-20166/", }, { category: "self", summary: "SUSE CVE CVE-2022-21505 page", url: "https://www.suse.com/security/cve/CVE-2022-21505/", }, { category: "self", summary: "SUSE CVE CVE-2022-2318 page", url: "https://www.suse.com/security/cve/CVE-2022-2318/", }, { category: "self", summary: "SUSE CVE CVE-2022-26365 page", url: "https://www.suse.com/security/cve/CVE-2022-26365/", }, { category: "self", summary: "SUSE CVE CVE-2022-2639 page", url: "https://www.suse.com/security/cve/CVE-2022-2639/", }, { category: "self", summary: "SUSE CVE CVE-2022-29581 page", url: "https://www.suse.com/security/cve/CVE-2022-29581/", }, { category: "self", summary: "SUSE CVE CVE-2022-33740 page", url: "https://www.suse.com/security/cve/CVE-2022-33740/", }, { category: "self", summary: "SUSE CVE CVE-2022-33741 page", url: "https://www.suse.com/security/cve/CVE-2022-33741/", }, { category: "self", summary: "SUSE CVE CVE-2022-33742 page", url: "https://www.suse.com/security/cve/CVE-2022-33742/", }, { category: "self", summary: "SUSE CVE CVE-2022-36946 page", url: "https://www.suse.com/security/cve/CVE-2022-36946/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2022-08-25T09:08:09Z", generator: { date: "2022-08-25T09:08:09Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:2892-2", initial_release_date: "2022-08-25T09:08:09Z", revision_history: [ { date: "2022-08-25T09:08:09Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-rt-5.3.18-150300.99.1.noarch", product: { name: "kernel-devel-rt-5.3.18-150300.99.1.noarch", product_id: "kernel-devel-rt-5.3.18-150300.99.1.noarch", }, }, { category: "product_version", name: "kernel-source-rt-5.3.18-150300.99.1.noarch", product: { name: "kernel-source-rt-5.3.18-150300.99.1.noarch", product_id: "kernel-source-rt-5.3.18-150300.99.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-rt-5.3.18-150300.99.1.x86_64", product: { name: "cluster-md-kmp-rt-5.3.18-150300.99.1.x86_64", product_id: "cluster-md-kmp-rt-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-rt_debug-5.3.18-150300.99.1.x86_64", product: { name: "cluster-md-kmp-rt_debug-5.3.18-150300.99.1.x86_64", product_id: "cluster-md-kmp-rt_debug-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt-5.3.18-150300.99.1.x86_64", product: { name: "dlm-kmp-rt-5.3.18-150300.99.1.x86_64", product_id: "dlm-kmp-rt-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt_debug-5.3.18-150300.99.1.x86_64", product: { name: "dlm-kmp-rt_debug-5.3.18-150300.99.1.x86_64", product_id: "dlm-kmp-rt_debug-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt-5.3.18-150300.99.1.x86_64", product: { name: "gfs2-kmp-rt-5.3.18-150300.99.1.x86_64", product_id: "gfs2-kmp-rt-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt_debug-5.3.18-150300.99.1.x86_64", product: { name: "gfs2-kmp-rt_debug-5.3.18-150300.99.1.x86_64", product_id: "gfs2-kmp-rt_debug-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-5.3.18-150300.99.1.x86_64", product: { name: "kernel-rt-5.3.18-150300.99.1.x86_64", product_id: "kernel-rt-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-devel-5.3.18-150300.99.1.x86_64", product: { name: "kernel-rt-devel-5.3.18-150300.99.1.x86_64", product_id: "kernel-rt-devel-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-extra-5.3.18-150300.99.1.x86_64", product: { name: "kernel-rt-extra-5.3.18-150300.99.1.x86_64", product_id: "kernel-rt-extra-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-livepatch-devel-5.3.18-150300.99.1.x86_64", product: { name: "kernel-rt-livepatch-devel-5.3.18-150300.99.1.x86_64", product_id: "kernel-rt-livepatch-devel-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-optional-5.3.18-150300.99.1.x86_64", product: { name: "kernel-rt-optional-5.3.18-150300.99.1.x86_64", product_id: "kernel-rt-optional-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-5.3.18-150300.99.1.x86_64", product: { name: "kernel-rt_debug-5.3.18-150300.99.1.x86_64", product_id: "kernel-rt_debug-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-devel-5.3.18-150300.99.1.x86_64", product: { name: "kernel-rt_debug-devel-5.3.18-150300.99.1.x86_64", product_id: "kernel-rt_debug-devel-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-extra-5.3.18-150300.99.1.x86_64", product: { name: "kernel-rt_debug-extra-5.3.18-150300.99.1.x86_64", product_id: "kernel-rt_debug-extra-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-livepatch-devel-5.3.18-150300.99.1.x86_64", product: { name: "kernel-rt_debug-livepatch-devel-5.3.18-150300.99.1.x86_64", product_id: "kernel-rt_debug-livepatch-devel-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-optional-5.3.18-150300.99.1.x86_64", product: { name: "kernel-rt_debug-optional-5.3.18-150300.99.1.x86_64", product_id: "kernel-rt_debug-optional-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-rt-5.3.18-150300.99.1.x86_64", product: { name: "kernel-syms-rt-5.3.18-150300.99.1.x86_64", product_id: "kernel-syms-rt-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-rt-5.3.18-150300.99.1.x86_64", product: { name: "kselftests-kmp-rt-5.3.18-150300.99.1.x86_64", product_id: "kselftests-kmp-rt-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-rt_debug-5.3.18-150300.99.1.x86_64", product: { name: "kselftests-kmp-rt_debug-5.3.18-150300.99.1.x86_64", product_id: "kselftests-kmp-rt_debug-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt-5.3.18-150300.99.1.x86_64", product: { name: "ocfs2-kmp-rt-5.3.18-150300.99.1.x86_64", product_id: "ocfs2-kmp-rt-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt_debug-5.3.18-150300.99.1.x86_64", product: { name: "ocfs2-kmp-rt_debug-5.3.18-150300.99.1.x86_64", product_id: "ocfs2-kmp-rt_debug-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-rt-5.3.18-150300.99.1.x86_64", product: { name: "reiserfs-kmp-rt-5.3.18-150300.99.1.x86_64", product_id: "reiserfs-kmp-rt-5.3.18-150300.99.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-rt_debug-5.3.18-150300.99.1.x86_64", product: { name: "reiserfs-kmp-rt_debug-5.3.18-150300.99.1.x86_64", product_id: "reiserfs-kmp-rt_debug-5.3.18-150300.99.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap Micro 5.2", product: { name: "openSUSE Leap Micro 5.2", product_id: "openSUSE Leap Micro 5.2", product_identification_helper: { cpe: "cpe:/o:opensuse:leap-micro:5.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-rt-5.3.18-150300.99.1.x86_64 as component of openSUSE Leap Micro 5.2", product_id: "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", }, product_reference: "kernel-rt-5.3.18-150300.99.1.x86_64", relates_to_product_reference: "openSUSE Leap Micro 5.2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-36516", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-36516", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-36516", url: "https://www.suse.com/security/cve/CVE-2020-36516", }, { category: "external", summary: "SUSE Bug 1196616 for CVE-2020-36516", url: "https://bugzilla.suse.com/1196616", }, { category: "external", summary: "SUSE Bug 1196867 for CVE-2020-36516", url: "https://bugzilla.suse.com/1196867", }, { category: "external", summary: "SUSE Bug 1204092 for CVE-2020-36516", url: "https://bugzilla.suse.com/1204092", }, { category: "external", summary: "SUSE Bug 1204183 for CVE-2020-36516", url: "https://bugzilla.suse.com/1204183", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "important", }, ], title: "CVE-2020-36516", }, { cve: "CVE-2020-36557", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-36557", }, ], notes: [ { category: "general", text: "A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-36557", url: "https://www.suse.com/security/cve/CVE-2020-36557", }, { category: "external", summary: "SUSE Bug 1201429 for CVE-2020-36557", url: "https://bugzilla.suse.com/1201429", }, { category: "external", summary: "SUSE Bug 1201742 for CVE-2020-36557", url: "https://bugzilla.suse.com/1201742", }, { category: "external", summary: "SUSE Bug 1202874 for CVE-2020-36557", url: "https://bugzilla.suse.com/1202874", }, { category: "external", summary: "SUSE Bug 1205313 for CVE-2020-36557", url: "https://bugzilla.suse.com/1205313", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "important", }, ], title: "CVE-2020-36557", }, { cve: "CVE-2020-36558", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-36558", }, ], notes: [ { category: "general", text: "A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-36558", url: "https://www.suse.com/security/cve/CVE-2020-36558", }, { category: "external", summary: "SUSE Bug 1200910 for CVE-2020-36558", url: "https://bugzilla.suse.com/1200910", }, { category: "external", summary: "SUSE Bug 1201752 for CVE-2020-36558", url: "https://bugzilla.suse.com/1201752", }, { category: "external", summary: "SUSE Bug 1205313 for CVE-2020-36558", url: "https://bugzilla.suse.com/1205313", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "important", }, ], title: "CVE-2020-36558", }, { cve: "CVE-2021-33655", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-33655", }, ], notes: [ { category: "general", text: "When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-33655", url: "https://www.suse.com/security/cve/CVE-2021-33655", }, { category: "external", summary: "SUSE Bug 1201635 for CVE-2021-33655", url: "https://bugzilla.suse.com/1201635", }, { category: "external", summary: "SUSE Bug 1202087 for CVE-2021-33655", url: "https://bugzilla.suse.com/1202087", }, { category: "external", summary: "SUSE Bug 1205313 for CVE-2021-33655", url: "https://bugzilla.suse.com/1205313", }, { category: "external", summary: "SUSE Bug 1212291 for CVE-2021-33655", url: "https://bugzilla.suse.com/1212291", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "important", }, ], title: "CVE-2021-33655", }, { cve: "CVE-2021-33656", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-33656", }, ], notes: [ { category: "general", text: "When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-33656", url: "https://www.suse.com/security/cve/CVE-2021-33656", }, { category: "external", summary: "SUSE Bug 1201636 for CVE-2021-33656", url: "https://bugzilla.suse.com/1201636", }, { category: "external", summary: "SUSE Bug 1212286 for CVE-2021-33656", url: "https://bugzilla.suse.com/1212286", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "moderate", }, ], title: "CVE-2021-33656", }, { cve: "CVE-2022-1116", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1116", }, ], notes: [ { category: "general", text: "Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1116", url: "https://www.suse.com/security/cve/CVE-2022-1116", }, { category: "external", summary: "SUSE Bug 1199647 for CVE-2022-1116", url: "https://bugzilla.suse.com/1199647", }, { category: "external", summary: "SUSE Bug 1199648 for CVE-2022-1116", url: "https://bugzilla.suse.com/1199648", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-1116", url: "https://bugzilla.suse.com/1209225", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "important", }, ], title: "CVE-2022-1116", }, { cve: "CVE-2022-1462", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1462", }, ], notes: [ { category: "general", text: "An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1462", url: "https://www.suse.com/security/cve/CVE-2022-1462", }, { category: "external", summary: "SUSE Bug 1198829 for CVE-2022-1462", url: "https://bugzilla.suse.com/1198829", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "moderate", }, ], title: "CVE-2022-1462", }, { cve: "CVE-2022-20166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-20166", }, ], notes: [ { category: "general", text: "In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182388481References: Upstream kernel", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-20166", url: "https://www.suse.com/security/cve/CVE-2022-20166", }, { category: "external", summary: "SUSE Bug 1200598 for CVE-2022-20166", url: "https://bugzilla.suse.com/1200598", }, { category: "external", summary: "SUSE Bug 1212284 for CVE-2022-20166", url: "https://bugzilla.suse.com/1212284", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "moderate", }, ], title: "CVE-2022-20166", }, { cve: "CVE-2022-21505", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21505", }, ], notes: [ { category: "general", text: "In the linux kernel, if IMA appraisal is used with the \"ima_appraise=log\" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting \"ima_appraise=log\" from the boot param when Secure Boot is enabled, but this does not cover cases where lockdown is used without Secure Boot. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity, Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21505", url: "https://www.suse.com/security/cve/CVE-2022-21505", }, { category: "external", summary: "SUSE Bug 1201458 for CVE-2022-21505", url: "https://bugzilla.suse.com/1201458", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "moderate", }, ], title: "CVE-2022-21505", }, { cve: "CVE-2022-2318", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-2318", }, ], notes: [ { category: "general", text: "There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-2318", url: "https://www.suse.com/security/cve/CVE-2022-2318", }, { category: "external", summary: "SUSE Bug 1201251 for CVE-2022-2318", url: "https://bugzilla.suse.com/1201251", }, { category: "external", summary: "SUSE Bug 1212303 for CVE-2022-2318", url: "https://bugzilla.suse.com/1212303", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "moderate", }, ], title: "CVE-2022-2318", }, { cve: "CVE-2022-26365", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-26365", }, ], notes: [ { category: "general", text: "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-26365", url: "https://www.suse.com/security/cve/CVE-2022-26365", }, { category: "external", summary: "SUSE Bug 1200762 for CVE-2022-26365", url: "https://bugzilla.suse.com/1200762", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "moderate", }, ], title: "CVE-2022-26365", }, { cve: "CVE-2022-2639", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-2639", }, ], notes: [ { category: "general", text: "An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-2639", url: "https://www.suse.com/security/cve/CVE-2022-2639", }, { category: "external", summary: "SUSE Bug 1202154 for CVE-2022-2639", url: "https://bugzilla.suse.com/1202154", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "moderate", }, ], title: "CVE-2022-2639", }, { cve: "CVE-2022-29581", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-29581", }, ], notes: [ { category: "general", text: "Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-29581", url: "https://www.suse.com/security/cve/CVE-2022-29581", }, { category: "external", summary: "SUSE Bug 1199665 for CVE-2022-29581", url: "https://bugzilla.suse.com/1199665", }, { category: "external", summary: "SUSE Bug 1199695 for CVE-2022-29581", url: "https://bugzilla.suse.com/1199695", }, { category: "external", summary: "SUSE Bug 1205313 for CVE-2022-29581", url: "https://bugzilla.suse.com/1205313", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "important", }, ], title: "CVE-2022-29581", }, { cve: "CVE-2022-33740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-33740", }, ], notes: [ { category: "general", text: "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-33740", url: "https://www.suse.com/security/cve/CVE-2022-33740", }, { category: "external", summary: "SUSE Bug 1200762 for CVE-2022-33740", url: "https://bugzilla.suse.com/1200762", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "moderate", }, ], title: "CVE-2022-33740", }, { cve: "CVE-2022-33741", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-33741", }, ], notes: [ { category: "general", text: "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-33741", url: "https://www.suse.com/security/cve/CVE-2022-33741", }, { category: "external", summary: "SUSE Bug 1200762 for CVE-2022-33741", url: "https://bugzilla.suse.com/1200762", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "moderate", }, ], title: "CVE-2022-33741", }, { cve: "CVE-2022-33742", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-33742", }, ], notes: [ { category: "general", text: "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-33742", url: "https://www.suse.com/security/cve/CVE-2022-33742", }, { category: "external", summary: "SUSE Bug 1200762 for CVE-2022-33742", url: "https://bugzilla.suse.com/1200762", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "moderate", }, ], title: "CVE-2022-33742", }, { cve: "CVE-2022-36946", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-36946", }, ], notes: [ { category: "general", text: "nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-36946", url: "https://www.suse.com/security/cve/CVE-2022-36946", }, { category: "external", summary: "SUSE Bug 1201940 for CVE-2022-36946", url: "https://bugzilla.suse.com/1201940", }, { category: "external", summary: "SUSE Bug 1201941 for CVE-2022-36946", url: "https://bugzilla.suse.com/1201941", }, { category: "external", summary: "SUSE Bug 1202312 for CVE-2022-36946", url: "https://bugzilla.suse.com/1202312", }, { category: "external", summary: "SUSE Bug 1202874 for CVE-2022-36946", url: "https://bugzilla.suse.com/1202874", }, { category: "external", summary: "SUSE Bug 1203208 for CVE-2022-36946", url: "https://bugzilla.suse.com/1203208", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-36946", url: "https://bugzilla.suse.com/1204132", }, { category: "external", summary: "SUSE Bug 1205313 for CVE-2022-36946", url: "https://bugzilla.suse.com/1205313", }, { category: "external", summary: "SUSE Bug 1212310 for CVE-2022-36946", url: "https://bugzilla.suse.com/1212310", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.99.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-08-25T09:08:09Z", details: "important", }, ], title: "CVE-2022-36946", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.